We want to implement common change email process, it supposed to work as described below:
- user provides new email
- we send info to previous email
- we send veryfication email to new email
- login with new email is prohibited until it is veryfied
- once it is veryfied login with previous email is prohibited
The process is very stupid and seems to be very common but we faced with problem implementing it with Fusionauth (FA).
You can use /api/user endpoint and submit new user email but it does not work properly:
- FA sends email to new address only
- you are able to login with new email even if you did not verify it
- after verification you still able to login with previous email.
Any ideas how to implement with no code?