Commit graph

7 commits

Author SHA1 Message Date
phoenixeliot
8496343a02 Improve student account recovery
This adds the ability to verify email addresses of a user, so we know they have access to the email address on their account.

Until a user has verified their email address, any teacher of a class they're in can reset their password for them via the Teacher Dashboard. When a user's email address is verified, a teacher may trigger a password recovery email to be sent to the student.

Verification links are valid forever, until the user changes the email address they have on file. They are created using a timestamp, with a sha256 of timestamp+salt+userID+email. Currently the hash value is rather long, could be shorter.

Squashed commit messages:

Add server endpoints for verifying email address

Add server endpoints for verifying email address (pt 2)

Add Server+Client endpoint for sending verification email

Add client view for verification links

Add Edit Student Modal for resetting passwords

Add specs for EditStudentModal

Tweak method name in EditStudentModal

Add edit student button to TeacherClassView

Fix up frontend for teacher password resetting

Add middleware for teacher password resetting

Improve button UX in EditStudentModal

Add JoinClassModal

Add welcome emails, use broad name

Use email without domain as fallback instead of full email

Fetch user on edit student modal open

Don't allow password reset if student email is verified

Set role to student on user signup with classCode

Tweak interface for joinClassModal

Add button to request verification email for yourself

Fix verify email template ID

Move text to en.coffee

Minor tweaks

Fix code review comments

Fix some tests, disable a broken one

Fix misc tests

Fix more tests

Refactor recovery email sending to auth

Fix overbroad sass

Add options to refactored recovery email function

Rename getByCode to fetchByCode

Fix error message

Fix up error handling in users middleware

Use .get instead of .toObject

Use findById

Fix more code review comments

Disable still-broken test
2016-05-24 14:07:28 -07:00
phoenixeliot
05ae7057db Fix class joining when entering it in the signup field 2016-05-11 14:53:05 -07:00
Rob
5bd8f7a1cb COPPA tests. 2016-04-26 14:01:03 -07:00
Rob
4183764b61 Add birthday field to user that rejects users under 13 on signup. 2016-04-26 14:00:49 -07:00
Scott Erickson
e6593dea8d Refactor FacebookHandler and GPlusHandler
* Move api loading to FacebookHandler
* Use success callbacks
* Use same, properly named events
* Use same functions and property names
* Refactor related social button, out of use rendering system
* Remove the now unnecessary form split from CreateAccountModal
2016-03-18 11:03:55 -07:00
Scott Erickson
a59e96f277 Tweak invalid class code behavior, fix hide modal button test 2016-03-10 11:23:09 -08:00
Scott Erickson
ebc98f988f Refactor CreateAccountModal out of AuthModal, add class code to signup 2016-03-10 10:52:11 -08:00