Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FIX] Create a different endpoint to handle change of emails for users. #938

Open
johnson-oragui opened this issue Aug 23, 2024 · 0 comments
Open

[FIX] Create a different endpoint to handle change of emails for users. #938

johnson-oragui opened this issue Aug 23, 2024 · 0 comments
Assignees
@johnson-oragui
Labels
users Issues categorised by users

Comments

@johnson-oragui
Copy link
Collaborator

johnson-oragui commented Aug 23, 2024
edited
Loading

Describe the bug
Because of security reasons, users should undergo a special and well scrutinized process before they can be able to change the email linked to their accounts.
These processes should be:

  • Require a verification process:
    Implement a multi-step verification process that involves sending a verification email or code to the new email address. This helps ensure that the user has control over the new address and prevents unauthorized changes.

  • Limit the number of changes:
    Allow users to change their email addresses only a limited number of times within a specific timeframe. This can help prevent abuse and maintain data integrity.

Expected behavior
Users should be able to change their emails after going through the proper vetted process.

Related issue.

Separate endpoint for email change
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johnson-oragui johnson-oragui

Labels
users Issues categorised by users
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@johnson-oragui