Per https://developers.facebook.com/docs/graph-api/reference/user the
offical description of the email field is:
> The person's primary email address listed on their profile. This
> field will not be returned if no valid email address is available
Therefore we can treat the fact that the email is returned as proof
that it has been verified.
Make user#confirm_resend require a valid token in the session
that matches the requested user, and ensure trying to login as
an unconfirmed user sets such a token.
Fixes#1010
This replaces OpenID authentication, which is going away soon, but
provides an upgrade path where we can migrate users that already have
a Google OpenID setup to the new system transparently.
1. It didn't work, the code only checked the remember_me button, not
the remember_me_openid button.
2. It did not have a unique id, making the label next to it not work
for selecting the checkbox.
The slim layout is not really needed since the redesign as the
pages it was used for in the OAuth flow now have less chrome and
work fine on small screens with the normal layout.
Fixes#689
This was a temporary hack to workaround issues with sessions getting
mixed up at the time of the rails 3.1 upgrade, but logs indicate that
whatever the original problem was it is no longer occurring.
Create a separate #create action that handles POSTs to
/user/new. This simplifies the other actions and ensures
that the URL is /user/new when validation errors occur,
rather than /user/terms.
Fixes#398
Both Google and Yahoo guarantee that the email address they return
during the OpenID authentication are emails that they have already
verified:
http://stackoverflow.com/q/5639419
Therefore special case these OpenID providers and automatically
activate the new users account without requiring a separate email
verification step.
This therefore reduces the signup procedure by one step and makes
it easier for new users of these OpenID providers, which cover the
majority of users.
