Email verification workflow with rate limiting #460
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add verification pending page with countdown timer for UX - Implement 60s rate limiting for resend verification emails - Add session management utilities for pending verification state - Handle unverified accounts in custom login flow - Update registration to redirect to pending page instead of login - Set token expiry to 24 hours and add session timeout (15 min) refs: #440
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
This is the final PR Bugbot will review for you during this billing cycle
Your free Bugbot reviews will reset on January 27
Details
You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
yinanazhou
force-pushed
the
email-wkflow
branch
from
5b13729 to
65780fe
Compare
yinanazhou
force-pushed
the
email-wkflow
branch
from
65780fe to
8f57cff
Compare
Member
Author
|
Hi @dchiller this is ready for review :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
refs: #440
Note
Implements an email verification pending workflow with session-based state and 60s resend rate limiting, switches auth templates/paths, adds countdown UI, and updates Playwright tests/config.
verify-email-pending/,resend-verification/, andviews.custom_loginhandling unverified users.RESEND_EMAIL_COOLDOWN, redirect to pending; verification activates account and clears session.utils/rate_limiting.py(cache-based cooldown) andutils/session.py(pending email in session).main/auth/*; update email template text (24h expiry). Add settings:PASSWORD_RESET_TIMEOUT,RESEND_EMAIL_COOLDOWN,PENDING_EMAIL_SESSION_EXPIRY.src/auth/ResendEmailCountdown.tswith Vite entry; pending pageverify_email_pending.htmlintegrates countdown.blockGoogleTranslaterouting; simplify translate tests to asserthtml lang.verify-email-pending/and login after verification.Written by Cursor Bugbot for commit d3742b3. This will update automatically on new commits. Configure here.