Project

General

Profile

Task #6066

Story #6063: ldapweb.cgi enhancements

Add email verification for new accounts

Added by ben leinfelder about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Target version:
Start date:
09/05/2013
Due date:
% Done:

0%

Estimated time:

Description

We should send a temporary link to activate an account using on a randomly-generated key for their provisional account registration.

We should also remember to clear out the entries that have not been activated after X number of hours (maybe start with 36 hours?). Would be great if this were automated. Maybe ldapweb.cgi could just clear the old ones out whenever it is activated - won't necessarily be that often, but it will take care of old entries. Not a huge risk because the entries in the tmp subtree can't do anything.


Related issues

Related to Metacat - Feature #6099: Remove temporary LDAP accounts after X amount of time has passedClosed

History

#1 Updated by ben leinfelder about 6 years ago

  • Assignee changed from Jing Tao to ben leinfelder
  • Status changed from New to In Progress

This working great - only issue is that using the metacatui cfg we get an un-styled "Activation Successful!" page. This probably isn't the worst thing, but it would be nice if the response were styled.

We could use the #external view to show the activation link, but the email would have to include this (so the perl script would need to know about the metacatUI URL):
http://dev2.nceas.ucsb.edu/#external//knb/cgi-bin/ldapweb.cgi?cfg=metacatui&stage=emailverification&dn=uid=brl,ou=Account,dc=tmp,dc=ecoinformatics,dc=org&hash=$rFjmfh!ltfRXzne&o=Account&uid=brl

This could be implemented using an optional configuration value in the metacatui.properties that is prepended (when present) to the activation link. This is also true of the reset password link that is sent when you request a new password, but in that case, it should probably go to the http://dev2.nceas.ucsb.edu/#account/resetpass link instead of using the #external method. Although the #external method also works just fine.

#2 Updated by ben leinfelder about 6 years ago

  • translation missing: en.field_remaining_hours set to 0.0
  • Status changed from In Progress to Closed

I made the activation link accessible via a configured #external url in the metacatui.properties file. This let's us send an email with a link that results in users seeing styled content - though it does require the metacatui to be deployed. But I think we mostly expect that.

In other emails, I opted to remove or generalize the link because we don;t always know what ui the account manager is being used and and might as well have them navigate to the account page if they find they need to.

Also available in: Atom PDF