GSoC/GCI Archive
Google Code-in 2011 MoinMoin Wiki

email verification for account creation

completed by: Julian Brost

mentors: Bastian Blank, Reimar Bauer, Thomas Waldmann, Prashant Kumar, Eugene Syromyatnikov

Abstract

We need (optional) email verification for new accounts.

Details

Currently we let a user enter an email address for user creation but we don't verify if that email address exists.

This needs to be changed to:

  • when a user wants to create an account, we send an email to the email address the user has given
  • when receiving the email, there will be a link in it, the user has to visit that url to activate his account
  • make sure we can get rid of not activated accounts, make sure the method is secure / not easily to abuse
  • use same code as for password / account recovery (the difference is that for new users we set should set a random password and then send the recovery token)
  • should be configurable, so it can also work without email sending/verification.

Deliverables: patch or changeset

Benefits

New user accounts are based on a verified email address. Makes it harder for spammers also.

Skill Requirements

See tags.

Note: unless otherwise noted, tasks usually refer to moin2 (http://moinmo.in/MoinMoin2.0)!

You can discuss this issue in the MoinMoin wiki: http://moinmo.in/EasyToDo/email%20verification%20for%20account%20creation