feat: Show a confirmation banner if the email is not verified (#8808)

Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2024-02-03 02:01:29 +05:30
parent 07ea9694a3
commit 0c35a77d4b
11 changed files with 123 additions and 3 deletions
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -94,6 +94,11 @@ class Rack::Attack
    end
  end

+  ## Resend confirmation throttling
+  throttle('resend_confirmation/ip', limit: 5, period: 30.minutes) do |req|
+    req.ip if req.path_without_extentions == '/api/v1/profile/resend_confirmation' && req.post?
+  end
+
  ## Prevent Brute-Force Signup Attacks ###
  throttle('accounts/ip', limit: 5, period: 30.minutes) do |req|
    req.ip if req.path_without_extentions == '/api/v1/accounts' && req.post?
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -248,6 +248,7 @@ Rails.application.routes.draw do
          post :availability
          post :auto_offline
          put :set_active_account
+          post :resend_confirmation
        end
      end