Login with email code

[LeeDalchow]

Resolves #172
Type: feature

Issue

Adds the ability to login to the system using an e-mail code instead of the password

Solution

Adds a link on the Login page that allows the user to send themself an e-mail that contains a link to log the user on directly to the system.

Breaking changes

I have edited both InstallDataMessageTemplates.cs & DefaultLanguage.xml, so upgrade scripts will need to be provided to update this. I checked the migrations folder and they seemed to be specific to version upgrades. Was unsure where the code for this upgrade should go.

Testing

1. Visit frontpage of shop without being logged into an account.
2. Head to the Login page
3. Click "Login with E-mail Code"
4. Enter your e-mail address
5. Head to your e-mail and click the link provided
6. You should now be logged into the system.

[KrzysztofPajak]

@LeeDalchow Thanks for contributing.
I would like to suggest:

1. Adding new customer settings - Allow to login by email
2. Add migration process (IMigration) to insert a new message template (to version 2.1.0)
3. Do not extend the Customer entity by adding new field LoginCode
4. Move const int MINUTES_TO_EXPIRE - add new customer settings
5. Login code can be used only once - after use it should be dropped
6. Using the only link to login - is it a secure way, maybe it's worth to use extra Cookies or session ?, Maybe adding settings "Allow to login by email" and add extra info (is not a secure way to use this)

[LeeDalchow]

@LeeDalchow Thanks for contributing. I would like to suggest:

1. Adding new customer settings - Allow to login by email
2. Add migration process (IMigration) to insert a new message template (to version 2.1.0)
3. Do not extend the Customer entity by adding new field LoginCode
4. Move const int MINUTES_TO_EXPIRE - add new customer settings
5. Login code can be used only once - after use it should be dropped
6. Using the only link to login - is it a secure way, maybe it's worth to use extra Cookies or session ?, Maybe adding settings "Allow to login by email" and add extra info (is not a secure way to use this)

@KrzysztofPajak Thanks for your review! Will post my replies below alongside each suggestion number:

1. I will make this change.
2. Thanks for highlighting the version, I wasn't sure which migration to update as they were named after version numbers - will add in these message templates
3. If the Customer entity should not be extended, how do you propose getting the loginCode passed to LiquidCustomer?

Would it be a good solution to modify:

public LiquidObjectBuilder AddCustomerTokens(Customer customer, Store store, DomainHost host, Language language, CustomerNote customerNote = null)

to be something like:

public LiquidObjectBuilder AddCustomerTokens(Customer customer, Store store, DomainHost host, Language language, CustomerNote customerNote = null, string? loginCode = null)

and then assign loginCode (if not null) to AdditionalTokens, which can then be passed into the message?

4. I will make this change.
5. This is already the case - but it does it by setting the code to expire after use, rather than removing it from the database. I will change this to remove it completely from the database.
6. I imagined somebody using the login with e-mail code to potentially login from another device. (ie. a mobile phone, after generating the link from their laptop). Is this not a valid use case in your view? I imagined if a malicious actor had access to their e-mail account, they can also just do "I forgot my password" regardless of additional security on the "Login Code"

If we add extra security (such as a session cookie ensuring the login is from the same browser) to the login by email page, it would make sense to also add that change to the "I forgot my password" area.

[LeeDalchow]

Just a quick note to say I've been busy lately but still intend to finish the updates!

[LeeDalchow]

@KrzysztofPajak

@LeeDalchow Thanks for contributing. I would like to suggest:

1. Adding new customer settings - Allow to login by email Done
2. Add migration process (IMigration) to insert a new message template (to version 2.1.0) Done, although please check over this as I'm not sure if I've done everything I need to to have this work correctly.
3. Do not extend the Customer entity by adding new field LoginCode Removed from Customer entity and instead now pass down as a parameter stored within AdditionalTokens in LiquidCustomer.
4. Move const int MINUTES_TO_EXPIRE - add new customer settings Done
5. Login code can be used only once - after use it should be dropped This is already the case, but I added an extra line to remove the old hash from the database to be safe
6. Using the only link to login - is it a secure way, maybe it's worth to use extra Cookies or session ?, Maybe adding settings "Allow to login by email" and add extra info (is not a secure way to use this) I imagined if a malicious actor had access to their e-mail account, they can also just do "I forgot my password" so any extra security added also needs to be added to that area. I'm also not sure if a cookie is appropriate since I imagined a user potentially logging in from another device (ie. a mobile phone, after generating a link from their laptop). Is this not a valid use case in your view? How would you propose we implement this? Happy to take your lead on this and I'll implement however you think is appropriate.