iachat/app/controllers
Shivam Mishra 4f94ad4a75
feat: ensure signup verification [UPM-14] (#13858)
Previously, signing up gave immediate access to the app. Now,
unconfirmed users are redirected to a verification page where they can
resend the confirmation email.

- After signup, the user is routed to `/auth/verify-email` instead of
the dashboard
- After login, unconfirmed users are redirected to the verification page
- The dashboard route guard catches unconfirmed users and redirects them
- `active_for_authentication?` is removed from the sessions controller
so unconfirmed users can authenticate — the frontend gates access
instead
- If the user visits the verification page after already confirming,
they're automatically redirected to the dashboard
- No session is issued until the user is verified

<details><summary>Demo</summary>
<p>

#### Fresh Signup


https://github.com/user-attachments/assets/abb735e5-7c8e-44a2-801c-96d9e4823e51

#### Google Fresh Signup


https://github.com/user-attachments/assets/ab9e389a-a604-4a9d-b492-219e6d94ee3f


#### Create new account from Dashboard


https://github.com/user-attachments/assets/c456690d-1946-4e0b-834b-ad8efcea8369



</p>
</details>

---------

Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2026-04-07 13:45:17 +05:30
..
api feat: ensure signup verification [UPM-14] (#13858) 2026-04-07 13:45:17 +05:30
auth feat: ensure signup verification [UPM-14] (#13858) 2026-04-07 13:45:17 +05:30
concerns feat: allow agent bots to toggle typing status (#13705) 2026-03-05 08:13:52 -08:00
devise_overrides chore: rotate oauth password if unconfirmed (#13878) 2026-04-02 11:26:29 +05:30
google feat: use of imap login as default if present (#10249) 2024-10-09 15:01:11 +05:30
instagram feat: Instagram reauthorization (#11221) 2025-04-03 14:30:48 +05:30
installation feat: Unify user and super admin credentials (#3830) 2022-01-25 16:58:49 -08:00
linear feat(linear): Support refresh tokens and migrate legacy OAuth tokens (#13721) 2026-03-17 13:09:03 +04:00
microsoft feat: add Google login flow and inbox creation (#9580) 2024-06-07 16:37:46 +05:30
notion feat: Whatsapp embedded signup (#11612) 2025-07-14 21:37:06 -07:00
platform/api/v1 feat(platform): Add email channel migration endpoint for bulk OAuth channel creation (#13902) 2026-03-25 15:58:08 -07:00
public/api/v1 feat: disable helpcenter on hacker plans (#12068) 2026-03-26 23:48:46 -07:00
shopify feat(apps): Shopify Integration (#11101) 2025-03-19 15:37:55 -07:00
super_admin Revert "chore: Upgrade Rails to 7.2.2 and update Gemfile dependencies (#11037)" 2026-02-03 21:09:42 -08:00
survey feat: Add INSTALLATION_NAME to global config (#12376) 2025-09-09 12:13:35 +05:30
tiktok feat: TikTok channel (#12741) 2025-12-17 07:54:50 -08:00
twilio feat: Integrate Twilio WhatsApp ProfileName for contact name resolution (#12122) 2025-08-07 12:53:39 +05:30
twitter fix: response body in twitter callback (#6907) 2023-04-14 16:48:28 +05:30
webhooks feat(shopify): Add mandatory compliance webhooks with HMAC verification (#13549) 2026-02-17 16:52:13 +05:30
android_app_controller.rb chore: Universal Linking for Android (#2324) 2021-06-02 08:46:45 -07:00
api_controller.rb chore: Upgrade to Rails 7 (#6719) 2023-05-06 10:44:52 +05:30
apple_app_controller.rb Chore: Apple site association file for deep linking (#805) 2020-05-03 12:16:11 +05:30
application_controller.rb feat: Conversation API to return applied_sla and sla_events (#9174) 2024-04-01 23:30:07 +05:30
dashboard_controller.rb feat: Use amplitude for Cloud Analytics (#13217) 2026-01-09 09:32:09 -08:00
health_controller.rb feat: add lightweight /health endpoint (#13386) 2026-01-29 00:24:01 +05:30
microsoft_controller.rb chore: Automate SSL with Cloudflare (#12021) 2025-07-24 13:09:06 +04:00
oauth_callback_controller.rb refactor: use state-based authentication (#11690) 2025-06-18 17:39:06 +05:30
platform_controller.rb Chore: Inbox Members API improvements (#3008) 2021-09-14 11:55:02 +05:30
public_controller.rb feat: disable helpcenter on hacker plans (#12068) 2026-03-26 23:48:46 -07:00
slack_uploads_controller.rb fix: handle active storage preview error for password protected pdfs (#11888) 2025-08-11 12:41:37 +05:30
swagger_controller.rb chore: Enable the new Rubocop rules (#7122) 2023-05-19 14:37:10 +05:30
widget_tests_controller.rb feat: Support Dark mode for the widget (#4137) 2022-04-01 20:59:03 +05:30
widgets_controller.rb feat(widget): Allow widget loading in mobile app WebViews when domain restrictions are set (#13763) 2026-03-17 14:29:41 +04:00