Add link to resend confirmation email

This link is shown when a user tries to login with an unconfirmed
email address and the grace period has expired

6 files changed, 81 insertions, 7 deletions

diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb
new file mode 100644
index 00000000000..af98a611b8b
--- /dev/null
+++ b/app/helpers/sessions_helper.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module SessionsHelper
+  def unconfirmed_email?
+    flash[:alert] == t(:unconfirmed, scope: [:devise, :failure])
+  end
+end
diff --git a/app/views/devise/sessions/_new_base.html.haml b/app/views/devise/sessions/_new_base.html.haml
index 2f10f08c839..0b1d3d1ddb3 100644
--- a/app/views/devise/sessions/_new_base.html.haml
+++ b/app/views/devise/sessions/_new_base.html.haml
@@ -1,20 +1,23 @@
 = form_for(resource, as: resource_name, url: session_path(resource_name), html: { class: 'new_user gl-show-field-errors', 'aria-live' => 'assertive'}) do |f|
   .form-group
-    = f.label "Username or email", for: "user_login", class: 'label-bold'
-    = f.text_field :login, class: "form-control top", autofocus: "autofocus", autocapitalize: "off", autocorrect: "off", required: true, title: "This field is required.", data: { qa_selector: 'login_field' }
+    = f.label _('Username or email'), for: 'user_login', class: 'label-bold'
+    = f.text_field :login, class: 'form-control top', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off', required: true, title: _('This field is required.'), data: { qa_selector: 'login_field' }
   .form-group
     = f.label :password, class: 'label-bold'
-    = f.password_field :password, class: "form-control bottom", required: true, title: "This field is required.", data: { qa_selector: 'password_field' }
+    = f.password_field :password, class: 'form-control bottom', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
   - if devise_mapping.rememberable?
     .remember-me
-      %label{ for: "user_remember_me" }
+      %label{ for: 'user_remember_me' }
         = f.check_box :remember_me, class: 'remember-me-checkbox'
         %span Remember me
-      .float-right.forgot-password
-        = link_to "Forgot your password?", new_password_path(:user)
+      .float-right
+        - if unconfirmed_email?
+          = link_to _('Resend confirmation email'), new_user_confirmation_path
+        - else
+          = link_to _('Forgot your password?'), new_password_path(:user)
     %div
     - if captcha_enabled?
       = recaptcha_tags
 
   .submit-container.move-submit-down
-    = f.submit "Sign in", class: "btn btn-success", data: { qa_selector: 'sign_in_button' }
+    = f.submit _('Sign in'), class: 'btn btn-success', data: { qa_selector: 'sign_in_button' }
diff --git a/changelogs/unreleased/65483-add-a-resend-confirmation-link.yml b/changelogs/unreleased/65483-add-a-resend-confirmation-link.yml
new file mode 100644
index 00000000000..a5f62dbcd56
--- /dev/null
+++ b/changelogs/unreleased/65483-add-a-resend-confirmation-link.yml
@@ -0,0 +1,5 @@
+---
+title: Allow users to resend a confirmation link when the grace period has expired
+merge_request: 31476
+author:
+type: changed
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index c91c220f696..dd69fa1f8f6 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5077,6 +5077,9 @@ msgstr ""
 msgid "For public projects, anyone can view pipelines and access job details (output logs and artifacts)"
 msgstr ""
 
+msgid "Forgot your password?"
+msgstr ""
+
 msgid "Fork"
 msgstr ""
 
@@ -12527,6 +12530,9 @@ msgstr ""
 msgid "Username is available."
 msgstr ""
 
+msgid "Username or email"
+msgstr ""
+
 msgid "Users"
 msgstr ""
 
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index dac8c8e7a29..1d8c9e7e426 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -95,6 +95,42 @@ describe 'Login' do
     end
   end
 
+  describe 'with an unconfirmed email address' do
+    let!(:user) { create(:user, confirmed_at: nil) }
+    let(:grace_period) { 2.days }
+
+    before do
+      stub_application_setting(send_user_confirmation_email: true)
+      allow(User).to receive(:allow_unconfirmed_access_for).and_return grace_period
+    end
+
+    context 'within the grace period' do
+      it 'allows to login' do
+        expect(authentication_metrics).to increment(:user_authenticated_counter)
+
+        gitlab_sign_in(user)
+
+        expect(page).not_to have_content('You have to confirm your email address before continuing.')
+        expect(page).not_to have_link('Resend confirmation email', href: new_user_confirmation_path)
+      end
+    end
+
+    context 'when the confirmation grace period is expired' do
+      it 'prevents the user from logging in and renders a resend confirmation email link' do
+        travel_to((grace_period + 1.day).from_now) do
+          expect(authentication_metrics)
+            .to increment(:user_unauthenticated_counter)
+            .and increment(:user_session_destroyed_counter).twice
+
+          gitlab_sign_in(user)
+
+          expect(page).to have_content('You have to confirm your email address before continuing.')
+          expect(page).to have_link('Resend confirmation email', href: new_user_confirmation_path)
+        end
+      end
+    end
+  end
+
   describe 'with the ghost user' do
     it 'disallows login' do
       expect(authentication_metrics)
diff --git a/spec/helpers/sessions_helper_spec.rb b/spec/helpers/sessions_helper_spec.rb
new file mode 100644
index 00000000000..647771ace92
--- /dev/null
+++ b/spec/helpers/sessions_helper_spec.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe SessionsHelper do
+  describe '#unconfirmed_email?' do
+    it 'returns true when the flash alert contains a devise failure unconfirmed message' do
+      flash[:alert] = t(:unconfirmed, scope: [:devise, :failure])
+      expect(helper.unconfirmed_email?).to be_truthy
+    end
+
+    it 'returns false when the flash alert does not contain a devise failure unconfirmed message' do
+      flash[:alert] = 'something else'
+      expect(helper.unconfirmed_email?).to be_falsey
+    end
+  end
+end