Thursday, February 12, 2009

Smart Activation With Single Sign On

This post is related to another post of mine about getting the RPX single sign-on to work.

Scenario:
  • You are using single sign-on but require the user to have emails (Facebook does not return email) or require other fields (e.g. accept terms of use).
  • You allow users to specify another email besides the one that is returned by the single sign-on service (SSOS).
  • If the user changes that email, you want them to validate it (you send an email to them with a link to activate their account), but if they don't change it (meaning they use the same email that is returned by the SSOS), then the account will be automatically activated.

For some reason, I did this the hard way at the beginning. I won't expound on how but what I tried to do in 2 days (but failed) actually took 30 minutes doing it the right way (and worked).

Requisites
  1. Make sure you have single sign-on working (you're able to read responses and stuff)

If you look at my code and read it a few times you'll understand what I do. From the RPX Controller, you render the login form so they have a chance to change stuff. If they miss out on anything the errors will render. If they submit it, then the form will be submitted to users/create and will render itself if they are still missing stuff. The hidden_field of email_was just stays there, dormant, waiting to be compared later on.

When the user finally has all their stuff filled in and submits the form, if they're on single sign-on, then the user will be activated based on the comparison between the email_was and the current email they're trying to save. If they're different, then they're not activated and the user observer sends out the activation mail. If they are the same email, then the account is activated and they have to do one less step. :)
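The comparison described above depends on email_was, and a hidden field comes back from the browser, so its value is client-controlled and the activation decision should not rest on it unverified. The following is an added example, not the post's own code: it signs the SSO-returned email with a server-side key when the form is rendered and checks that tag in users/create before comparing. The email_was_sig field, SECRET, the helper names and the sample identifier are assumptions made for illustration.

```ruby
require "openssl"

# Constructed for this example; a real app loads a server-side secret.
SECRET = "example-only-secret"

def normalize(email)
  email.to_s.strip.downcase
end

# Tag binding the SSO-returned email to the SSO identifier (hypothetical helper).
def sign_email_was(identifier, email)
  OpenSSL::HMAC.hexdigest("SHA256", SECRET, "#{identifier}\n#{normalize(email)}")
end

# Constant-time comparison so the check does not leak how much of the tag matched.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# identifier comes from the server-side session, never from the form.
# True only if email_was carries a valid tag and the submitted email equals it.
def auto_activate?(identifier, params)
  email_was = normalize(params["email_was"])
  return false if email_was.empty?
  expected = sign_email_was(identifier, email_was)
  return false unless secure_compare(params["email_was_sig"].to_s, expected)
  normalize(params["email"]) == email_was
end

# Constructed sample data: what the RPX controller would render into the form.
IDENTIFIER = "https://sso.example/id/alice"
SSO_EMAIL  = "alice@example.com"
FORM = { "email_was" => SSO_EMAIL,
         "email_was_sig" => sign_email_was(IDENTIFIER, SSO_EMAIL) }.freeze

def demo_cases
  {
    unchanged: auto_activate?(IDENTIFIER, FORM.merge("email" => "Alice@Example.com")),
    changed:   auto_activate?(IDENTIFIER, FORM.merge("email" => "other@example.com")),
    # Both email and email_was edited in the browser; the tag no longer matches.
    tampered:  auto_activate?(IDENTIFIER, FORM.merge("email" => "other@example.com",
                                                     "email_was" => "other@example.com")),
    other_user: auto_activate?("https://sso.example/id/bob", FORM.merge("email" => SSO_EMAIL))
  }
end

demo_cases.each { |name, activated| puts "#{name}: activated=#{activated}" }
```

Keeping the SSO-returned email in the server-side session instead of a hidden field gives the same guarantee without a signature.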

If you have any comments or suggestions please let me know.
