Ability to change email? #646

Closed
Fedcomp opened this issue May 25, 2016 · 2 comments

Fedcomp commented May 25, 2016

Is there email change support atm?

JamesChevalier commented Jul 7, 2016

I decided to use the update action on my UsersController to change the email field on the user. You need to be aware that this change is not reflected in the response headers, though.

So let's say you have this User:

{
  "id": 1,
  "created_at": "2015-12-24T19:15:35.000Z",
  "updated_at": "2016-07-07T13:07:29.800Z",
  "email": "[email protected]",
  "remember_created_at": "2016-02-16T19:38:40.902Z",
  "sign_in_count": 150,
  "current_sign_in_at": "2016-07-06T14:07:08.233Z",
  "last_sign_in_at": "2016-07-06T13:57:11.711Z",
  "current_sign_in_ip": "127.0.0.1",
  "last_sign_in_ip": "127.0.0.1",
  "first_name": "First",
  "last_name": "Last",
  "role": "admin",
  "provider": "email",
  "uid": "[email protected]"
}

Then you send a PUT request to your update action at:

http://127.0.0.1:3000/api/v1/users/1?user[email][email protected]

This will respond with the updated user:

{
  "id": 1,
  "created_at": "2015-12-24T19:15:35.000Z",
  "updated_at": "2016-07-07T13:17:19.459Z",
  "email": "[email protected]",
  "remember_created_at": "2016-02-16T19:38:40.902Z",
  "sign_in_count": 150,
  "current_sign_in_at": "2016-07-06T14:07:08.233Z",
  "last_sign_in_at": "2016-07-06T13:57:11.711Z",
  "current_sign_in_ip": "127.0.0.1",
  "last_sign_in_ip": "127.0.0.1",
  "first_name": "First",
  "last_name": "Last",
  "role": "admin",
  "provider": "email",
  "uid": "[email protected]"
}

But the headers passed along with this response will contain:

access-token →your_access_token_value
client →your_client_value
expiry →1469023628
token-type →Bearer
uid →[email protected]

If you were to send another request with the original headers to an endpoint that requires authentication, then you get a 401 Unauthorized response with the body:

{
  "errors": [
    "Authorized users only."
  ]
}

I think the way to handle this is to consider the user signed out after their email address changes.
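
The behaviour described in the comment above, as an added Ruby sketch (not part of the original thread and not devise_token_auth's own code). It models a header lookup keyed on `uid` and treats an email change as a sign-out by revoking every stored token; the in-memory `User` class, the SHA-256 token digest and the `example.test` addresses are assumptions made for the illustration.

```ruby
require "securerandom"
require "digest"
# Simplified model (an assumption, not devise_token_auth's code): a user is
# looked up by the uid header, then the token is checked per client.
class User
  attr_reader :email, :uid, :tokens
  def initialize(email)
    @provider = "email"
    @tokens = {}            # client id => { digest:, expiry: }
    self.email = email
  end

  # For provider "email" the uid mirrors the email, as in the JSON above.
  def email=(value)
    changed = !@email.nil? && @email != value
    @email = value
    @uid = value if @provider == "email"
    @tokens.clear if changed   # treat the user as signed out everywhere
  end

  def sign_in(lifespan = 14 * 24 * 3600)
    client, token = SecureRandom.urlsafe_base64, SecureRandom.urlsafe_base64
    expiry = Time.now.to_i + lifespan
    @tokens[client] = { digest: Digest::SHA256.hexdigest(token), expiry: expiry }
    { "access-token" => token, "client" => client, "uid" => @uid, "expiry" => expiry.to_s }
  end

  def valid_token?(token, client)
    entry = @tokens[client]
    return false if entry.nil? || entry[:expiry] < Time.now.to_i
    Digest::SHA256.hexdigest(token.to_s) == entry[:digest]
  end
end

# Returns the HTTP status an authenticated endpoint would give these headers.
def authenticate(users, headers)
  user = users.find { |u| u.uid == headers["uid"] }
  user && user.valid_token?(headers["access-token"], headers["client"]) ? 200 : 401
end

def demo
  user = User.new("old@example.test")      # constructed sample addresses
  old_headers = user.sign_in
  before = authenticate([user], old_headers)
  user.email = "new@example.test"
  stale = authenticate([user], old_headers)   # old uid no longer matches any user
  spliced = authenticate([user], old_headers.merge("uid" => user.uid)) # token was revoked
  [before, stale, spliced, authenticate([user], user.sign_in)]
end
```

`demo` returns the status for the original headers before the change, for the same headers after it, for the old token presented with the new `uid`, and for a fresh sign-in.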

@zachfeldman
Contributor

Agreed. Closing for now
