talent-connect/connect

[CON&TP/Login and signup:] For new users: email validation and mechanism to assert ownership over existing Salesforce data

ericbolikowski opened this issue · 2 comments

ericbolikowski commented

User story

As any user of CON or TP, I want ...

  • to have my email validated as part of the sign-up process
  • to take ownership of any pre-existing Contact record in Salesforce, when such a record is associated with the same email address as the one I used to sign up for my user account

Implementing this issue will also solve a major pain point for ReDI staff experiencing one Contact record existing in Salesforce prior to user sign-up, and a second Contact record existing post user sign-up. They currently have to merge many duplicates which is time consuming and confusing.

Acceptance criteria (for QA)

  • No data written to Salesforce until a user's email has been verified
  • Dig up old Loopback code used for old pre-SF integration email validation. Adapt email subject, body, and the surrounding logic
  • User data given in sign-up form on CON or TP is saved into the MongoDB database and stored in the user's JWT token
  • On successful email validation, and the first authenticated (user is who they say they are) and validated (user's email address is validated) request to Salesforce, then and not before then, do insert user data

UI/UX design assets / specification

N/A

Data structures, business rules, and implementation hints

Subtasks

  • Implement email validation
  • Implement changes to backend for changes to how data is written into Salesforce for the first time, given a valid user
  • Keep in mind that we’re not sure if there might be edge cases leading to this branch of code …
    image
    … being executed not only in case of the following use case: Kate signed up with Loopback, Kate verified her email, RedUser is .emailVerified = true, Kate’s browser has a valid JWT token with .emailVerified = true, Kate’s browser contacts NestJS for the first time, no Contact exists, so let’s create a Contact record.
  • Set .emailVerified = true on all old users
ericbolikowski commented

Use these architectural notes

image

  • 👀1
ericbolikowski commented

Done!