Allow grace period for email changes after registration without MFA #2237
Ticket(s) / Related Merge Requests
Summary of Changes
Allows a grace period upon registration of 1 month where-in MFA will not be required to change email if email is not yet verified.
Testing Considerations
Accounts younger than 1 month should be able to change their email address in their settings without MFA if the email is not verified.
To manually set the time of a user account from testing
- Go to
/api/v1/channel/[[insertYourUsernameHere]]
- copy the GUID somewhere. - Open up https://www.epochconverter.com/ - you can use it to get valid timestamps (in seconds)
- Via k8s get into the sandbox cluster and do:
kubectl exec -it cassandra-0 cqlsh
# REPLACE key with GUID and time created with a timestamp with the timestamp you want to test for.
UPDATE minds.entities SET value='1643052513' WHERE key='1343302982225104910' and column1='time_created';
-
Try to change your email - before 1 month in age you should be able to if email isn't confirmed without the MFA prompt. Over 1 month even if email isn't confirmed you should see the MFA prompt
-
To change email confirmation state:
# Confirmed (CHANGE GUID)
UPDATE minds.entities SET value='999999999999999999999999999999999' WHERE key='1343302982225104910' and column1='email_confirmed_at';
# Not Confirmed (CHANGE GUID)
UPDATE minds.entities SET value=null WHERE key='1343302982225104910' and column1='email_confirmed_at';
Regression Scope
It must still prompt for MFA if email is verified or the account is older than 1 month.
Platform Affected (web, mobile, etc)
Engine change could affect web and mobile but shouldn't have a negative impact on clients' consumption.
Developer Testing Completed
Manual
Screenshots
(Any extra UI screens that can be shared)
Does this impact
-
Localization -
Dark/light mode -
Guest mode