Update docs to account for unconfirmed users

Ensure oauth users cannot login with unconfirmed account team-alembic#443
dan-klasson · Aug 19, 2024 · 51131fc · 51131fc
1 parent 5d4f20b
commit 51131fc
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/documentation/tutorials/github.md b/documentation/tutorials/github.md
@@ -130,6 +130,16 @@ defmodule MyApp.Accounts.User do
 
         Ash.Changeset.change_attributes(changeset, Map.take(user_info, ["email"]))
       end
+
+      # Required if you're using the password & confirmation strategies
+      upsert_fields []
+      change set_attribute(:confirmed_at, &DateTime.utc_now/0)
+      change after_action(fn _changeset, user, _context ->
+        case user.confirmed_at do
+          nil -> {:error, "Unconfirmed user exists already"}
+          _ -> {:ok, user}
+        end
+      end)
     end
   end
 

diff --git a/documentation/tutorials/google.md b/documentation/tutorials/google.md
@@ -59,6 +59,16 @@ defmodule MyApp.Accounts.User do
 
         Ash.Changeset.change_attributes(changeset, Map.take(user_info, ["email"]))
       end
+
+      # Required if you're using the password & confirmation strategies
+      upsert_fields []
+      change set_attribute(:confirmed_at, &DateTime.utc_now/0)
+      change after_action(fn _changeset, user, _context ->
+        case user.confirmed_at do
+          nil -> {:error, "Unconfirmed user exists already"}
+          _ -> {:ok, user}
+        end
+      end)
     end
   end