I wonder if there is some easy way to create a register system with email confirmation that will allow user to login even if user is unconfirmed but if user is unconfirmed I want to grant that user some limited access and after email confirmation unlock all functionalities.
For example if user is unconfirmed then can change some basic info like First name but can’t create any content
Apply your custom code here in callback (login) function and you can give access to the unconfirm users for login.
Just make sure you to add a flag in response to identify in frontend if the user is confirmed or not, by that way you can use Authorization.
No, this won’t break even after strapi version update as the code is cloned to src/extensions.
I am using it from past 1 year with version updates.
Haven’t faced any issue till now.
Rest of the methods are related to the other Auth APIs. For your login time requirement, you can use callback() method.
Check the SS I have shared you in DM for clarification purpose.