Please sign in to comment.
Improved account primary email address change
When a user changed their primary email address we would simply update the email address fields. This is problematic because we have no guarantee the new address is owned by the user. We now update the fields, set the email as unverified and send a confirmation. If an exception happens during this process we rollback the changes as if the email never changed.
- Loading branch information...
Showing with 15 additions and 5 deletions.