Pow
Pow v1.0.29

View Source PowEmailConfirmation

This extension will send an e-mail confirmation link when the user registers, and when the user changes their e-mail. It requires that the user schema has an :email field.

Users won't be signed in when they register, and can't sign in until the e-mail has been confirmed. The confirmation e-mail will be sent every time the sign in fails. The user will be redirected to after_registration_path/1 and after_sign_in_path/1 accordingly.

To prevent user enumeration, the user will see the same confirmation required message if the account couldn't be created due to unique constraint error on :email. No e-mail will be sent. If pow_prevent_user_enumeration: false is set in conn.private the form with error will be shown instead.

When users updates their e-mail, it won't be changed until the user has confirmed the new e-mail by clicking the e-mail confirmation link. The confirmation will fail if the :email is already in use for another account. If PowInvitation is used then the same logic applies when a user accepts an invitation changing their e-mail address in the process.

installation

 Installation

Follow the instructions for extensions in README.md, and set PowEmailConfirmation in the :extensions list.

configuration

 Configuration

Add the following section to your WEB_PATH/controllers/pow/registration_html/edit.html.heex template (you may need to generate the templates first) after the pow_user_id_field field:

<p :if={@changeset.data.unconfirmed_email} class="phx-no-feedback:hidden mt-3 flex gap-3 text-sm leading-6 text-rose-600">
  <.icon name="hero-exclamation-circle-mini" class="mt-0.5 w-5 h-5 flex-none" />
  Click the link in the confirmation email to change your email to <span class="font-semibold text-brand hover:underline">@changeset.data.unconfirmed_email)</span>.
</p>

prevent-persistent-session-sign-in

 Prevent persistent session sign in

To prevent that PowPersistentSession creates a new persistent session when the email hasn't been confirmed, PowEmailConfirmation should be placed first in the extensions list. It'll halt the connection.

test-and-seed

 Test and seed

If you want your user to be automatically confirmed in test and seed, you just have to call: PowEmailConfirmation.Ecto.Context.confirm_email(user, %{}, otp_app: :my_app)

You can also update or insert the row directly and set email_confirmed_at: DateTime.utc_now().

note-on-powinvitation

 Note on PowInvitation

When a user is invited with PowInvitation, the email will only be required confirmed if the invited user decides to change their email when accepting the invitation.