From 682193d116cfb0ded09045e8cc75d219426398a6 Mon Sep 17 00:00:00 2001 
From: jvelilla Date: Wed, 30 Dec 2015 12:32:00 -0300 Subject: [PATCH 1/8] Updated Register Module. Worlflow 1- Register 1.1 Create a new temporal user 1.2 Email to the new User 1.3 Email to Web Master 2 Web Master Review th Account Application 2.1 Accept and Send an confirmation email to the user and remove the temporal user 2.2 Reject the application send a rejection email to the user and remove the temporal Added a new table to save temporal users to review their Application to the site. Updated Register Form with an new input Application and Recaptcha validation. Updated Emails templates and messages. (TODO improve messages) Updated mails templates. Simple messages (Todo improve messages). Added a new handler to reject a user Updated existing hanlders to handler the new workflow. --- .../demo/site/modules/auth/config/auth.json | 8 + .../mail_templates/account_activation.html | 12 +- .../account_activation_confirmation.html | 14 + .../mail_templates/account_evaluation.html | 26 ++ .../auth/mail_templates/account_rejected.html | 13 + .../modules/auth/scripts/auth_temp_user.sql | 13 + .../auth/templates/block_post_register.tpl | 2 +- .../modules/auth/templates/block_register.tpl | 15 +- library/email/email_service.e | 8 +- library/recaptcha/Readme.md | 4 + library/recaptcha/license.lic | 10 + library/recaptcha/recaptcha-safe.ecf | 20 ++ library/recaptcha/recaptcha.ecf | 22 ++ library/recaptcha/src/recaptcha_api.e | 147 ++++++++ library/recaptcha/test/application.e | 61 ++++ .../recaptcha/test/recaptcha_api_test_set.e | 69 ++++ library/recaptcha/test/test.ecf | 21 ++ modules/auth/auth-safe.ecf | 1 + modules/auth/cms_auth_api.e | 93 +++++ ..._authentication_email_service_parameters.e | 99 +++++- modules/auth/cms_authentication_module.e | 317 +++++++++++++++--- .../auth/cms_authenticaton_email_service.e | 52 ++- modules/auth/model/cms_temporal_user.e | 32 ++ modules/auth/persistence/cms_auth_storage_i.e | 75 +++++ .../auth/persistence/cms_auth_storage_null.e | 62 ++++ 
.../auth/persistence/cms_auth_storage_sql.e | 256 ++++++++++++++ modules/auth/site/config/auth.json | 8 + .../mail_templates/account_activation.html | 12 +- .../account_activation_confirmation.html | 14 + .../mail_templates/account_evaluation.html | 26 ++ .../site/mail_templates/account_rejected.html | 13 + modules/auth/site/scripts/auth_temp_user.tpl | 13 + .../site/templates/block_post_reactivate.tpl | 2 +- .../site/templates/block_post_register.tpl | 2 +- 34 files changed, 1457 insertions(+), 85 deletions(-) create mode 100644 examples/demo/site/modules/auth/config/auth.json create mode 100644 examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html create mode 100644 examples/demo/site/modules/auth/mail_templates/account_evaluation.html create mode 100644 examples/demo/site/modules/auth/mail_templates/account_rejected.html create mode 100644 examples/demo/site/modules/auth/scripts/auth_temp_user.sql create mode 100644 library/recaptcha/Readme.md create mode 100644 library/recaptcha/license.lic create mode 100644 library/recaptcha/recaptcha-safe.ecf create mode 100644 library/recaptcha/recaptcha.ecf create mode 100644 library/recaptcha/src/recaptcha_api.e create mode 100644 library/recaptcha/test/application.e create mode 100644 library/recaptcha/test/recaptcha_api_test_set.e create mode 100644 library/recaptcha/test/test.ecf create mode 100644 modules/auth/cms_auth_api.e create mode 100644 modules/auth/model/cms_temporal_user.e create mode 100644 modules/auth/persistence/cms_auth_storage_i.e create mode 100644 modules/auth/persistence/cms_auth_storage_null.e create mode 100644 modules/auth/persistence/cms_auth_storage_sql.e create mode 100644 modules/auth/site/config/auth.json create mode 100644 modules/auth/site/mail_templates/account_activation_confirmation.html create mode 100644 modules/auth/site/mail_templates/account_evaluation.html create mode 100644 modules/auth/site/mail_templates/account_rejected.html create mode 100644 
modules/auth/site/scripts/auth_temp_user.tpl
diff --git a/examples/demo/site/modules/auth/config/auth.json b/examples/demo/site/modules/auth/config/auth.json
new file mode 100644
index 0000000..a81ab66
--- /dev/null
+++ b/examples/demo/site/modules/auth/config/auth.json
@@ -0,0 +1,8 @@
+{
+ "email": "webmaster@eiffel.org",
+ "subject": "Thank you for contacting us",
+ "recaptcha": {
+ "site_key":"6Lex9RMTAAAAAKleC4x6TaRlFcpLbEWgH_U7MSiD",
+ "secret_key":"6Lex9RMTAAAAAAkBczvX5DUiyg_xoM_EthVVgRRx"
+ }
+}
diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation.html b/examples/demo/site/modules/auth/mail_templates/account_activation.html
index 0ab4c4f..0d404a0 100644
--- a/examples/demo/site/modules/auth/mail_templates/account_activation.html
+++ b/examples/demo/site/modules/auth/mail_templates/account_activation.html
@@ -1,5 +1,5 @@ - + Activation
@@ -8,11 +8,7 @@ -
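Review bot: The `recaptcha.secret_key` value in the new `examples/demo/site/modules/auth/config/auth.json` appears to be a real credential committed in clear text next to the public `site_key`; the secret should not live in the repository. Ship the demo config with a placeholder such as `"secret_key": "<set-per-deployment>"`, load the real value from a deployment-local file or the environment, and treat the committed key as exposed and rotate it. The diffstat lists a second `modules/auth/site/config/auth.json` added by this patch; if it carries the same values, the same applies there.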

Thank you for registering at ROC CMS

- -

To complete your registration, please click on this link to activate your account:

- -

$link

-

Thank you for joining us.

+

Thank you for applying to ROC CMS $user

+

We will review your application and send you a resolution

- + \ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html new file mode 100644 index 0000000..efc5087 --- /dev/null +++ b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html @@ -0,0 +1,14 @@ + + + + + Activation + + + + + +

Your account has been confirmed ROC CMS

+

Thank you for joining us.

+ + \ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_evaluation.html b/examples/demo/site/modules/auth/mail_templates/account_evaluation.html new file mode 100644 index 0000000..002292d --- /dev/null +++ b/examples/demo/site/modules/auth/mail_templates/account_evaluation.html @@ -0,0 +1,26 @@ + + + + + Account Evaluation + + + + + +

Account Evaluation

+

The user $user ($email) wants to register to the site ROC CMS

+ +

This is his/her application.

+

$application

+
+ +

To complete the registration, please click on the following link to activate the user account:

+ +

$activate

+ +

To reject the registration, please click on the following link

+ +

$reject

+ + diff --git a/examples/demo/site/modules/auth/mail_templates/account_rejected.html b/examples/demo/site/modules/auth/mail_templates/account_rejected.html new file mode 100644 index 0000000..9cefb80 --- /dev/null +++ b/examples/demo/site/modules/auth/mail_templates/account_rejected.html @@ -0,0 +1,13 @@ + + + + + New Activation + + + + + +

You requested has been rejected, your application does not conform our rules ROC CMS

+ + \ No newline at end of file diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_user.sql b/examples/demo/site/modules/auth/scripts/auth_temp_user.sql new file mode 100644 index 0000000..38ae29b --- /dev/null +++ b/examples/demo/site/modules/auth/scripts/auth_temp_user.sql @@ -0,0 +1,13 @@ + +DROP TABLE IF EXISTS "auth_temp_user"; +CREATE TABLE `auth_temp_user` ( + `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); + diff --git a/examples/demo/site/modules/auth/templates/block_post_register.tpl b/examples/demo/site/modules/auth/templates/block_post_register.tpl index d59f75a..c76cbb5 100644 --- a/examples/demo/site/modules/auth/templates/block_post_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_register.tpl @@ -1,3 +1,3 @@
-

Thanks for register, check your email to activate your account.

+

Thanks for your application, we will review it to activate your account.

diff --git a/examples/demo/site/modules/auth/templates/block_register.tpl b/examples/demo/site/modules/auth/templates/block_register.tpl index 9e7c478..2b56ea9 100644 --- a/examples/demo/site/modules/auth/templates/block_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_register.tpl @@ -20,8 +20,19 @@ {$error_email/}
{/if} - - +
+ + + {if isset="$error_application"} + {$error_application/}
+ {/if} +
+ {unless isempty="$recaptcha_site_key"} +
+
+ {/unless} diff --git a/library/email/email_service.e b/library/email/email_service.e index 1e1c19b..03073a7 100644 --- a/library/email/email_service.e +++ b/library/email/email_service.e @@ -35,12 +35,14 @@ feature {NONE} -- Initialization parameters: EMAIL_SERVICE_PARAMETERS -- Associated parameters. - admin_email: IMMUTABLE_STRING_8 - -- Site admin's email. - mailer: NOTIFICATION_MAILER -- SMTP protocol. +feature -- Access + + admin_email: IMMUTABLE_STRING_8 + -- Site admin's email. + feature -- Basic Operations send_internal_email (a_content: READABLE_STRING_GENERAL) diff --git a/library/recaptcha/Readme.md b/library/recaptcha/Readme.md new file mode 100644 index 0000000..aaa8522 --- /dev/null +++ b/library/recaptcha/Readme.md @@ -0,0 +1,4 @@ +Recaptcha Eiffel Lbrary + +Based on https://developers.google.com/recaptcha/ + diff --git a/library/recaptcha/license.lic b/library/recaptcha/license.lic new file mode 100644 index 0000000..93c113a --- /dev/null +++ b/library/recaptcha/license.lic @@ -0,0 +1,10 @@ +${NOTE_KEYWORD} + copyright: "2011-${YEAR} Javier Velilla, Jocelyn Fiat, Eiffel Software and others" + license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" + source: "[ + Eiffel Software + 5949 Hollister Ave., Goleta, CA 93117 USA + Telephone 805-685-1006, Fax 805-685-6869 + Website http://www.eiffel.com + Customer support http://support.eiffel.com + ]" diff --git a/library/recaptcha/recaptcha-safe.ecf b/library/recaptcha/recaptcha-safe.ecf new file mode 100644 index 0000000..ca1015e --- /dev/null +++ b/library/recaptcha/recaptcha-safe.ecf @@ -0,0 +1,20 @@ + + + + + + /.git$ + /EIFGENs$ + /CVS$ + /.svn$ + + + + + + + + + diff --git a/library/recaptcha/recaptcha.ecf b/library/recaptcha/recaptcha.ecf new file mode 100644 index 0000000..ad960b8 --- /dev/null +++ b/library/recaptcha/recaptcha.ecf @@ -0,0 +1,22 @@ + + + + + + /.git$ + /EIFGENs$ + /CVS$ + /.svn$ + + + + + + + + + + + 
diff --git a/library/recaptcha/src/recaptcha_api.e b/library/recaptcha/src/recaptcha_api.e
new file mode 100644
index 0000000..1149a4b
--- /dev/null
+++ b/library/recaptcha/src/recaptcha_api.e
@@ -0,0 +1,147 @@ +note + description: "[ + Simple API to call {RECAPTCHA} Google API. + Example call: + https://www.google.com/recaptcha/api/siteverify?secret=your_secret&response=response_string&remoteip=user_ip_address + ]" + date: "$Date: 2015-01-28 11:44:15 -0300 (mi. 28 de ene. de 2015) $" + revision: "$Revision: 96551 $" + EIS: "name=RECAPTCHA", "src=https://developers.google.com/recaptcha/", "protocol=uri" + EIS: "name=RECAPTCHA API verify", "src=https://developers.google.com/recaptcha/docs/verify", "protocol=uri" + +class + RECAPTCHA_API + +create + make + +feature {NONE} -- Initialization + + make (a_secret_key, a_response: READABLE_STRING_8) + -- Create an object Recaptcha with secret key `a_secret_key' and response token `a_response'. + do + secret := a_secret_key + response := a_response + ensure + secret_set: secret.same_string (a_secret_key) + response_set: response.same_string (a_response) + end + +feature -- Access + + base_uri: STRING_8 = "https://www.google.com/recaptcha/api/siteverify" + -- Recaptcha base URI + + secret: READABLE_STRING_8 + -- Required. The shared key between your site and ReCAPTCHA. + + response: READABLE_STRING_8 + -- Required. The user response token provided by the reCAPTCHA to the user and provided to your site on. + + remoteip: detachable READABLE_STRING_8 + -- Optional. The user's IP address. + +feature -- Status Reports + + errors: detachable LIST [READABLE_STRING_8] + -- optional table of error codes + -- missing-input-secret The secret parameter is missing. + -- invalid-input-secret The secret parameter is invalid or malformed. + -- missing-input-response The response parameter is missing. + -- invalid-input-response The response parameter is invalid or malformed. + +feature -- Change Element + + set_remoteip (a_remoteip: READABLE_STRING_8) + -- Set `remoteip' with `a_remoteip'. 
+ do + remoteip := a_remoteip + ensure + remoteip_set: remoteip = a_remoteip + end + +feature -- API + + verify: BOOLEAN + -- Verify the user's response + local + l_parser: JSON_PARSER + do + if attached get as l_response then + if attached l_response.body as l_body then + create l_parser.make_with_string (l_body) + l_parser.parse_content + if + l_parser.is_parsed and then attached {JSON_OBJECT} l_parser.parsed_json_object as jv and then + attached {JSON_BOOLEAN} jv.item ("success") as l_success + then + Result := l_success.item + if not Result and then attached {JSON_ARRAY} jv.item ("error-codes") as l_error_codes then + across + l_error_codes as c + loop + if attached {JSON_STRING} c.item as ji then + put_error (ji.unescaped_string_32) + end + end + end + end + else + put_error (l_response.status.out) + end + else + put_error ("unknown") + end + end + +feature {NONE} -- REST API + + get: detachable RESPONSE + -- Reading Data + local + l_request: REQUEST + do + create l_request.make ("GET", new_uri) + Result := l_request.execute + end + +feature {NONE} -- Implementation + + new_uri: STRING_8 + -- new uri (BaseUri?secret=secret_value&response=response_value[&remoteip=remoteip_value] + do + create Result.make_from_string (base_uri) + Result.append ("?secret=") + Result.append (secret) + Result.append ("&response=") + Result.append (response) + if attached remoteip as l_remoteip then + Result.append ("&remoteip=" + l_remoteip) + end + end + + put_error (a_code: READABLE_STRING_GENERAL) + local + l_errors: like errors + utf: UTF_CONVERTER + do + l_errors := errors + if l_errors = Void then + create {ARRAYED_LIST [STRING]} l_errors.make (1) + errors := l_errors + end + l_errors.force (utf.utf_32_string_to_utf_8_string_8 (a_code)) + end + +note + copyright: "2011-2015 Javier Velilla, Jocelyn Fiat, Eiffel Software and others" + license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" + source: "[ + Eiffel Software + 5949 Hollister Ave., Goleta, 
CA 93117 USA + Telephone 805-685-1006, Fax 805-685-6869 + Website http://www.eiffel.com + Customer support http://support.eiffel.com + ]" + +end diff --git a/library/recaptcha/test/application.e b/library/recaptcha/test/application.e new file mode 100644 index 0000000..2e0e25b --- /dev/null +++ b/library/recaptcha/test/application.e @@ -0,0 +1,61 @@ +note + description : "test application root class" + date : "$Date: 2015-01-14 15:37:57 -0300 (mi. 14 de ene. de 2015) $" + revision : "$Revision: 96458 $" + +class + APPLICATION + +inherit + ARGUMENTS + +create + make + +feature {NONE} -- Initialization + + make + -- Run application. + do + test_invalid_input + test_missing_input + test_missing_key_input + end + + + test_invalid_input + -- invalid-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("","234") + check + not_true:not l_captcha.verify + end + end + + test_missing_input + -- missing-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("key","") + check + not_true:not l_captcha.verify + end + end + + test_missing_key_input + -- missing-input-response + -- invalid-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("","") + l_captcha.set_remoteip("localhost") + check + not_true:not l_captcha.verify + end + end + +end diff --git a/library/recaptcha/test/recaptcha_api_test_set.e b/library/recaptcha/test/recaptcha_api_test_set.e new file mode 100644 index 0000000..4deb220 --- /dev/null +++ b/library/recaptcha/test/recaptcha_api_test_set.e 
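Review bot: `new_uri` in `library/recaptcha/src/recaptcha_api.e` appends `secret`, `response` and `remoteip` to the query string without percent-encoding, and `response` is whatever the browser posted as `g-recaptcha-response`, so a value containing `&` or `#` changes the parameters that reach the verification endpoint. Percent-encode each value before appending it. `get` also puts the secret in the URL of a GET request, where it can end up in proxy and access logs; Google's siteverify documentation specifies POST, so a form-encoded POST body would keep the secret out of URLs. Separately, `verify` records no error when the body parses but has no boolean `success` member, which leaves `errors` Void on a failed call.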
@@ -0,0 +1,69 @@ +note + description: "[ + Eiffel tests that can be executed by testing tool. + ]" + author: "EiffelStudio test wizard" + date: "$Date: 2015-01-14 15:37:57 -0300 (mi. 14 de ene. de 2015) $" + revision: "$Revision: 96458 $" + testing: "type/manual" + +class + RECAPTCHA_API_TEST_SET + +inherit + EQA_TEST_SET + +feature -- Test routines + + test_invalid_input + -- invalid-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("","234") + check + not_true:not l_captcha.verify + end + assert ("Not true", not l_captcha.verify) + assert ("Has error invalid-input-response",has_error (l_captcha,"invalid-input-response")) + end + + test_missing_input + -- missing-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("key","") + check + not_true:not l_captcha.verify + end + assert ("Not true", not l_captcha.verify) + assert ("Has error missing-input-response",has_error (l_captcha,"missing-input-response")) + end + + test_missing_key_input + -- missing-input-response + -- invalid-input-response + local + l_captcha: RECAPTCHA_API + do + create l_captcha.make ("","") + l_captcha.set_remoteip("localhost") + assert ("Not true", not l_captcha.verify) + assert ("Has error missing-input-response",has_error (l_captcha,"missing-input-response")) + assert ("Has error invalid-input-response",has_error (l_captcha,"invalid-input-response")) + end + +feature {NONE} -- Implementation + + has_error (l_captcha: RECAPTCHA_API; a_error: READABLE_STRING_32): BOOLEAN + do + if attached l_captcha.errors as l_errors then + l_errors.compare_objects + Result := l_errors.has (a_error) + end + end + +end + + diff --git a/library/recaptcha/test/test.ecf b/library/recaptcha/test/test.ecf new file mode 100644 index 0000000..879c446 --- /dev/null +++ b/library/recaptcha/test/test.ecf @@ -0,0 +1,21 @@ + + + + + + + + + + + + + /EIFGENs$ + /CVS$ + /.svn$ + + + + 
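Review bot: Every routine in `RECAPTCHA_API_TEST_SET` calls `verify` against the live `base_uri`, so the suite fails without network access and its outcome depends on the remote service. `test_invalid_input` and `test_missing_input` also call `verify` twice, once in the `check` and once in `assert`. Since `put_error` appends to `errors`, the list holds each code twice by the time `has_error` runs, and dropping the `check` blocks leaves one call per test. Making the HTTP call replaceable (for example by redefining `get` in a test descendant) would let these cases run against canned responses.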
diff --git a/modules/auth/auth-safe.ecf b/modules/auth/auth-safe.ecf index 5824089..29c2183 100644 --- a/modules/auth/auth-safe.ecf +++ b/modules/auth/auth-safe.ecf @@ -23,6 +23,7 @@ + diff --git a/modules/auth/cms_auth_api.e b/modules/auth/cms_auth_api.e new file mode 100644 index 0000000..22bbf0d --- /dev/null +++ b/modules/auth/cms_auth_api.e 
@@ -0,0 +1,93 @@ +note + description: "Summary description for {CMS_AUTH_API}." + author: "" + date: "$Date$" + revision: "$Revision$" + +class + CMS_AUTH_API + +inherit + CMS_MODULE_API + + REFACTORING_HELPER + +create {CMS_AUTHENTICATION_MODULE} + make_with_storage + +feature {NONE} -- Initialization + + make_with_storage (a_api: CMS_API; a_auth_storage: CMS_AUTH_STORAGE_I) + -- Create an object with api `a_api' and storage `a_auth_storage'. + do + auth_storage := a_auth_storage + make (a_api) + ensure + auht_storage_set: auth_storage = a_auth_storage + end + +feature -- Access + + user_by_name (a_username: READABLE_STRING_32): detachable CMS_USER + -- User by name `a_user_name', if any. + do + Result := auth_storage.user_by_name (a_username) + end + + user_by_email (a_email: READABLE_STRING_32): detachable CMS_USER + -- User by email `a_email', if any. + do + Result := auth_storage.user_by_email (a_email) + end + + user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + -- User by activation token `a_token'. + do + Result := auth_storage.user_by_activation_token (a_token) + end + + +feature -- Temp User + + new_temp_user (a_user: CMS_TEMPORAL_USER) + -- Add a new user `a_user'. + require + no_id: not a_user.has_id + no_hashed_password: a_user.hashed_password = Void + do + reset_error + if + attached a_user.password as l_password and then + attached a_user.email as l_email + then + auth_storage.new_temp_user (a_user) + error_handler.append (storage.error_handler) + else + error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") + end + end + + remove_activation (a_token: READABLE_STRING_32) + -- Remove activation token `a_token', from the storage. + do + auth_storage.remove_activation (a_token) + end + + delete_user (a_user: CMS_TEMPORAL_USER) + -- Delete user `a_user'. 
+ require + has_id: a_user.has_id + do + reset_error + auth_storage.delete_user (a_user) + error_handler.append (storage.error_handler) + end + +feature {CMS_MODULE} -- Access: User auth storage. + + auth_storage: CMS_AUTH_STORAGE_I + -- storage interface. + +feature -- Access: User Temp + +end diff --git a/modules/auth/cms_authentication_email_service_parameters.e b/modules/auth/cms_authentication_email_service_parameters.e index efb7b2a..d340cf5 100644 --- a/modules/auth/cms_authentication_email_service_parameters.e +++ b/modules/auth/cms_authentication_email_service_parameters.e @@ -88,6 +88,11 @@ feature {NONE} -- Initialization contact_subject_oauth := "Welcome." end + contact_subject_account_evaluation := "New register, account evalution" + + contact_subject_rejected := "Your account was rejected" + + contact_subject_activated := "Your account was activated" end feature -- Access @@ -101,10 +106,20 @@ feature -- Access contact_email: IMMUTABLE_STRING_8 -- Contact email. + contact_subject_account_evaluation: IMMUTABLE_STRING_8 contact_subject_register: IMMUTABLE_STRING_8 contact_subject_activate: IMMUTABLE_STRING_8 contact_subject_password: IMMUTABLE_STRING_8 contact_subject_oauth: IMMUTABLE_STRING_8 + contact_subject_rejected: IMMUTABLE_STRING_8 + contact_subject_activated: IMMUTABLE_STRING_8 + + + account_evaluation: STRING + -- Account evaluation template email message. + do + Result := template_string ("account_evaluation.html", default_template_account_evaluation) + end account_activation: STRING -- Account activation template email message. 
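Review bot: In `modules/auth/cms_auth_api.e`, `new_temp_user` and `delete_user` call `auth_storage` but then append `storage.error_handler`, the handler of the inherited CMS storage; whether a failure inside `auth_storage` shows up there depends on the two sharing an error handler, which this file does not show. Appending the auth storage's own error handler (if `CMS_AUTH_STORAGE_I` exposes one) would make the propagation explicit. `remove_activation` neither calls `reset_error` nor propagates errors, unlike its two siblings. The class note still carries the wizard placeholder `description: "Summary description for {CMS_AUTH_API}."`, and the postcondition tag `auht_storage_set` is misspelled.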
@@ -112,12 +127,24 @@ feature -- Access Result := template_string ("account_activation.html", default_template_account_activation) end + account_activation_confirmation: STRING + -- Account activation confirmation template email message. + do + Result := template_string ("account_activation_confirmation.html", default_template_account_activation_confirmation) + end + account_re_activation: STRING -- Account re_activation template email message. do Result := template_string ("accunt_re_activation.html", default_template_account_re_activation) end + account_rejected: STRING + -- Account rejected template email message. + do + Result := template_string ("accunt_rejected.html", default_template_account_rejected) + end + account_password: STRING -- Account password template email message. do @@ -146,7 +173,7 @@ feature {NONE} -- Implementation: Template local p: PATH do - p := template_path ("account_activation.html") + p := template_path (a_name) if attached read_template_file (p) as l_content then Result := l_content else @@ -177,6 +204,36 @@ feature {NONE} -- Implementation feature {NONE} -- Message email + default_template_account_evaluation: STRING = "[ + + + + + Account Evaluation + + + + + +
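Review bot: `account_rejected` asks for `"accunt_rejected.html"`, but the template this patch adds is named `account_rejected.html`, so the site template will not be found and, presumably, the built-in default is always used. The line should read `Result := template_string ("account_rejected.html", default_template_account_rejected)`. The neighbouring context line for `account_re_activation` has the same `accunt_` spelling and deserves the same check against the file name on disk.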

Account Evaluation

+

The user $user ($email) wants to register to the site

+ +

This is his/her application.

+

$application

+
+ +

To complete the registration, please click on the following link to activate the user account:

+ +

$activate

+ +

To reject the registration, please click on the following link

+ +

$reject

+ + + ]" + + default_template_account_activation: STRING = "[ @@ -188,17 +245,49 @@ feature {NONE} -- Message email -

Thank you for registering at ROC CMS

+

Thank you for applying to ROC CMS $user

-

To complete your registration, please click on the following link to activate your account:

- -

$link

+

We will review your application and send you an email

Thank you for joining us.

]" + default_template_account_activation_confirmation: STRING = "[ + + + + + Activation + + + + + +

Your account has been confirmed ROC CMS $email

+ +

Thank you for joining us.

+ + + ]" + + default_template_account_rejected: STRING = "[ + + + + + New Activation + + + + + +

You requested has been rejected, your application does not conform our rules ROC CMS

+ + + ]" + default_template_account_re_activation: STRING = "[ diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index 3787b75..b4bba83 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -8,13 +8,20 @@ class inherit CMS_MODULE + rename + module_api as auth_api redefine setup_hooks, - permissions + permissions, + initialize, + install, + auth_api end CMS_HOOK_AUTO_REGISTER + CMS_HOOK_RESPONSE_ALTER + CMS_HOOK_VALUE_TABLE_ALTER CMS_HOOK_BLOCK @@ -74,6 +81,53 @@ feature -- Access: docs Result := cache_duration = 0 end +feature {CMS_API} -- Module Initialization + + initialize (a_api: CMS_API) + -- + local + l_auth_api: like auth_api + l_user_auth_storage: CMS_AUTH_STORAGE_I + do + Precursor (a_api) + + -- Storage initialization + if attached a_api.storage.as_sql_storage as l_storage_sql then + create {CMS_AUTH_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) + else + -- FIXME: in case of NULL storage, should Current be disabled? + create {CMS_AUTH_STORAGE_NULL} l_user_auth_storage + end + + -- API initialization + create l_auth_api.make_with_storage (a_api, l_user_auth_storage) + auth_api := l_auth_api + ensure then + auth_api_set: auth_api /= Void + end + + install (api: CMS_API) + do + -- Schema + if attached api.storage.as_sql_storage as l_sql_storage then + if not l_sql_storage.sql_table_exists ("auth_temp_user") then + --| Schema + l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_user.sql")), Void) + + if l_sql_storage.has_error then + api.logger.put_error ("Could not initialize database for auth_module", generating_type) + end + end + l_sql_storage.sql_finalize + Precursor {CMS_MODULE}(api) + end + end + +feature {CMS_API} -- Access: API + + auth_api: detachable CMS_AUTH_API + -- + feature -- Router setup_router (a_router: WSF_ROUTER; a_api: CMS_API) 
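Review bot: In `install` (`modules/auth/cms_authentication_module.e`, hunk `@@ -74,6 +81,53 @@`), a failed `sql_execute_file_script` is only logged; control then falls through to `Precursor {CMS_MODULE}(api)`, which presumably records the module as installed even though `auth_temp_user` was not created. Skipping `Precursor` when `l_sql_storage.has_error` would keep a broken install retryable. In `initialize`, the fallback to `CMS_AUTH_STORAGE_NULL` carries a FIXME; with that storage the register handler would presumably accept applications that are never stored, so disabling registration in that case looks like the safer default.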
@@ -89,6 +143,7 @@ feature -- Router a_router.handle ("/account/roc-logout", create {WSF_URI_AGENT_HANDLER}.make (agent handle_logout (a_api, ?, ?)), a_router.methods_head_get) a_router.handle ("/account/roc-register", create {WSF_URI_AGENT_HANDLER}.make (agent handle_register (a_api, ?, ?)), a_router.methods_get_post) a_router.handle ("/account/activate/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_activation (a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/reject/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_reject (a_api, ?, ?)), a_router.methods_head_get) a_router.handle ("/account/reactivate", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reactivation (a_api, ?, ?)), a_router.methods_get_post) a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password (a_api, ?, ?)), a_router.methods_get_post) a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password (a_api, ?, ?)), a_router.methods_get_post) 
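Review bot: The new `/account/reject/{token}` route is registered with `a_router.methods_head_get`, so rejecting an application, which per the commit message removes the pending user, happens on a plain GET or HEAD of a mailed link. Mail gateways and link previewers fetch such URLs automatically, and nothing in this hunk requires the caller to be a logged-in administrator; `handle_reject` itself is outside the hunk, so confirm that it checks a permission. A safer shape is a GET that renders a confirmation page and a POST, restricted to an administrator permission, that performs the accept or reject. The same applies to the existing `/account/activate/{token}` context line.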
@@ -182,53 +237,82 @@ feature -- Handler local r: CMS_RESPONSE l_user_api: CMS_USER_API - u: CMS_USER + u: CMS_TEMPORAL_USER l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE - l_url: STRING + l_url_activate: STRING + l_url_reject: STRING l_token: STRING + l_captcha_passed: BOOLEAN do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if r.has_permission ("account register") then + if + r.has_permission ("account register") and then + attached auth_api as l_auth_api + then if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then - attached {WSF_STRING} req.form_parameter ("email") as l_email + attached {WSF_STRING} req.form_parameter ("email") as l_email and then + attached {WSF_STRING} req.form_parameter ("application") as l_application then l_user_api := api.user_api - if attached l_user_api.user_by_name (l_name.value) then + if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then -- Username already exist. r.set_value ("User name already exists!", "error_name") l_exist := True end - if attached l_user_api.user_by_email (l_email.value) then + if attached l_user_api.user_by_email (l_email.value) or else attached l_auth_api.user_by_email (l_email.value) then -- Emails already exist. 
r.set_value ("An account is already associated with that email address!", "error_email") l_exist := True end + if attached recaptcha_secret_key (api) as l_recaptcha_key then + if + attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then + is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value) + then + l_captcha_passed := True + else + --| Bad or missing captcha + l_captcha_passed := False + end + else + --| reCaptcha is not setup, so no verification + l_captcha_passed := True + end + if not l_exist then - -- New user + + -- New temp user create u.make (l_name.value) u.set_email (l_email.value) u.set_password (l_password.value) - l_user_api.new_user (u) + u.set_application (l_application.value) + l_auth_api.new_temp_user (u) -- Create activation token l_token := new_token l_user_api.new_activation (l_token, u.id) - l_url := req.absolute_script_url ("/account/activate/" + l_token) + l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) + l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) - -- Send Email + -- Send Email to webmaster + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_register_email") + es.send_account_evaluation (u, l_application.value, l_url_activate, l_url_reject) + + -- Send Email to user create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_email") - es.send_contact_email (l_email.value, l_url) - + es.send_contact_email (l_email.value, l_name.value) else r.set_value (l_name.value, "name") r.set_value (l_email.value, "email") + r.set_value (l_application.value, "application") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end 
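Review bot: `l_captcha_passed` is assigned in the new reCAPTCHA block of `handle_register` but never read in this hunk: the following `if not l_exist then` creates the temporary user and sends both e-mails whether or not verification succeeded. The guard should include it, `if not l_exist and then l_captcha_passed then`, and the failure branch should set an error value for the form, since the hunk sets none for a failed captcha. `l_auth_api.new_temp_user (u)` is also followed directly by `new_activation (l_token, u.id)` and the mail sends with no check of the API's error state, so a failed insert would still mail an activation link. `$application` is free text from the form and goes into the HTML evaluation e-mail; the mail service is not shown here, so confirm that it HTML-escapes the value.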
@@ -246,67 +330,127 @@ feature -- Handler r: CMS_RESPONSE l_user_api: CMS_USER_API l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE + es: CMS_AUTHENTICATON_EMAIL_SERVICE do - l_user_api := api.user_api - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if attached auth_api as l_auth_api then + l_user_api := api.user_api + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_USER} l_user_api.user_by_activation_token (l_token.value) as l_user then - -- Valid user_id - l_user.mark_active - l_user_api.update_user (l_user) - l_user_api.remove_activation (l_token.value) - r.set_main_content ("

Your account "+ l_user.name +" has been activated

") + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + -- Delete temporal User + l_auth_api.delete_user (l_user) + + -- Valid user_id + l_user.set_id (0) + l_user.mark_active + l_user_api.new_user (l_user) + l_auth_api.remove_activation (l_token.value) + + r.set_main_content ("

The account "+ l_user.name +" has been activated

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") + es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url ("")) + end + else + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value +" is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") + end + r.execute else - -- the token does not exist, or it was already used. - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_main_content ("

The token " + l_token.value +" is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") + create l_ir.make (req, res, api) + l_ir.execute end - r.execute else - create l_ir.make (req, res, api) - l_ir.execute + create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) +-- r.set_main_content ("...") + r.execute end end + handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + l_user_api: CMS_USER_API + l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE + es: CMS_AUTHENTICATON_EMAIL_SERVICE + do + if attached auth_api as l_auth_api then + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + l_auth_api.delete_user (l_user) + r.set_main_content ("

The temporal account for "+ l_user.name +" has been removed

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_reject_email") + es.send_contact_activation_reject_email (l_email, req.absolute_script_url ("")) + end + else + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value +" is not valid ") + end + r.execute + else + create l_ir.make (req, res, api) + l_ir.execute + end + else + create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute + end + end + handle_reactivation (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE es: CMS_AUTHENTICATON_EMAIL_SERVICE l_user_api: CMS_USER_API l_token: STRING - l_url: STRING + l_url_activate: STRING + l_url_reject: STRING do - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if req.is_post_request_method then - if - attached {WSF_STRING} req.form_parameter ("email") as l_email - then - l_user_api := api.user_api - if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then - -- User exist create a new token and send a new email. - if l_user.is_active then - r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - else - l_token := new_token - l_user_api.new_activation (l_token, l_user.id) - l_url := req.absolute_script_url ("/account/activate/" + l_token) + if attached auth_api as l_auth_api then + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if req.is_post_request_method then + if + attached {WSF_STRING} req.form_parameter ("email") as l_email + then + l_user_api := api.user_api + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. 
+ if l_user.is_active then + r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + else + l_token := new_token + l_user_api.new_activation (l_token, l_user.id) + l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) + l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) - -- Send Email - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_contact_activation_email") - es.send_contact_activation_email (l_email.value, l_url) + -- Send Email to webmaster + if attached l_user.application as l_application then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_register_email") + es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject) + end + end + else + r.set_value ("The email does not exist or !", "error_email") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) end - else - r.set_value ("The email does not exist or !", "error_email") - r.set_value (l_email.value, "email") - r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end + else + create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) end - r.execute end @@ -556,6 +700,9 @@ feature {NONE} -- Block views if a_response.has_permission ("account register") then if a_response.request.is_get_request_method then if attached template_block (a_block_id, a_response) as l_tpl_block then + if attached recaptcha_site_key (a_response.api) as l_recaptcha_site_key then + l_tpl_block.set_value (l_recaptcha_site_key, "recaptcha_site_key") + end a_response.add_block (l_tpl_block, "content") else debug ("cms") 
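Review bot: `l_token.value` comes straight from the request path and is concatenated into the page in the invalid-token branches of `handle_activation` and the new `handle_reject` (`"The token " + l_token.value + " is not valid "`), and `l_user.name` reaches `set_main_content` the same way, so markup in either value is rendered by the browser. HTML-encode both before concatenation, or leave the token out of the message. In `handle_activation` the pending row is removed with `l_auth_api.delete_user (l_user)` before `l_user_api.new_user (l_user)` and neither result is checked, so a failed insert loses the application; create the user first and delete the pending row only when no error is reported. `fetch_user` in the SQL storage fills `password` with the stored hash, so `new_user` presumably hashes it a second time; confirm that an activated account can actually log in.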
@@ -569,6 +716,9 @@ feature {NONE} -- Block views -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") -- l_tpl_block.set_value (a_response.values.item ("email"), "email") -- l_tpl_block.set_value (a_response.values.item ("name"), "name") + if attached recaptcha_site_key (a_response.api) as l_recaptcha_site_key then + l_tpl_block.set_value (l_recaptcha_site_key, "recaptcha_site_key") + end a_response.add_block (l_tpl_block, "content") else debug ("cms") 
@@ -693,6 +843,67 @@ feature {NONE} -- Block views end end + +feature -- Recaptcha + + recaptcha_secret_key (api: CMS_API): detachable READABLE_STRING_8 + -- Get recaptcha security key. + local + utf: UTF_CONVERTER + do + if attached api.module_configuration (Current, Void) as cfg then + if + attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then + not l_recaptcha_key.is_empty + then + Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key) + end + end + end + + recaptcha_site_key (api: CMS_API): detachable READABLE_STRING_8 + -- Get recaptcha security key. + local + utf: UTF_CONVERTER + do + if attached api.module_configuration (Current, Void) as cfg then + if + attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then + not l_recaptcha_key.is_empty + then + Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key) + end + end + end + + +feature -- Response Alter + + response_alter (a_response: CMS_RESPONSE) + do + a_response.add_javascript_url ("https://www.google.com/recaptcha/api.js") + end + +feature {NONE} -- Implementation + + is_captcha_verified (a_secret, a_response: READABLE_STRING_8): BOOLEAN + local + api: RECAPTCHA_API + l_errors: STRING + do + write_debug_log (generator + ".is_captcha_verified with response: [" + a_response + "]") + create api.make (a_secret, a_response) + Result := api.verify + if not Result and then attached api.errors as l_api_errors then + create l_errors.make_empty + l_errors.append_character ('%N') + across l_api_errors as ic loop + l_errors.append ( ic.item ) + l_errors.append_character ('%N') + end + write_error_log (generator + ".is_captcha_verified api_errors [" + l_errors + "]") + end + end note copyright: "Copyright (c) 1984-2013, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" 
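Review bot: `response_alter` calls `add_javascript_url ("https://www.google.com/recaptcha/api.js")` unconditionally, so the third-party script is attached even when no site key is configured and on pages that never show the registration form. Guard it with `if attached recaptcha_site_key (a_response.api) then ... end`, and preferably limit it to the registration page. `is_captcha_verified` writes the raw `g-recaptcha-response` form value into the debug log; it is client-supplied text, so log only whether a response was present. The header comment of `recaptcha_site_key` repeats "Get recaptcha security key." and should read `-- Public reCAPTCHA site key from the module configuration, if set.`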
diff --git a/modules/auth/cms_authenticaton_email_service.e b/modules/auth/cms_authenticaton_email_service.e index d4a1984..48758f7 100644 --- a/modules/auth/cms_authenticaton_email_service.e +++ b/modules/auth/cms_authenticaton_email_service.e @@ -34,15 +34,34 @@ feature -- Access feature -- Basic Operations - send_contact_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject: READABLE_STRING_8) + -- Send new user register to webmaster to confirm or reject itt. + local + l_message: STRING + do + create l_message.make_from_string (parameters.account_evaluation) + l_message.replace_substring_all ("$user", a_user.name) + if attached a_user.email as l_email then + l_message.replace_substring_all ("$email", l_email) + else + l_message.replace_substring_all ("$email", "unknown email") + end + l_message.replace_substring_all ("$application", a_application) + l_message.replace_substring_all ("$activate", a_url_activate) + l_message.replace_substring_all ("$reject", a_url_reject) + send_message (contact_email, contact_email, parameters.contact_subject_account_evaluation, l_message) + end + + + send_contact_email (a_to, a_user: READABLE_STRING_8) + -- Send successful contact message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_activation) - l_message.replace_substring_all ("$link", a_content) + l_message.replace_substring_all ("$user", a_user) send_message (contact_email, a_to, parameters.contact_subject_register, l_message) end 
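Review bot: `send_account_evaluation` substitutes the applicant-supplied `a_user.name`, `l_email` and `a_application` into the HTML template without encoding, so an applicant can place markup in the very mail the webmaster uses to approve or reject the account. Because `$application` is replaced before `$activate` and `$reject`, an application text that contains those placeholder names also has the real links expanded inside it. HTML-encode the three values and perform the `$activate`/`$reject` replacements before the user-controlled ones. `send_contact_email` has the same unencoded `$user` substitution.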
@@ -60,6 +79,33 @@ feature -- Basic Operations end + send_contact_activation_confirmation_email (a_to, a_content: READABLE_STRING_8) + -- Send successful contact activation to a_to. + require + attached_to: a_to /= Void + local + l_message: STRING + do + create l_message.make_from_string (parameters.account_activation_confirmation) + l_message.replace_substring_all ("$email", a_content) + send_message (contact_email, a_to, parameters.contact_subject_activated, l_message) + end + + + send_contact_activation_reject_email (a_to, a_content: READABLE_STRING_8) + -- Send successful contact activation reject to `a_to'. + require + attached_to: a_to /= Void + local + l_message: STRING + do + create l_message.make_from_string (parameters.account_rejected) + l_message.replace_substring_all ("$link", a_content) + send_message (contact_email, a_to, parameters.contact_subject_activate, l_message) + end + + + send_contact_password_email (a_to, a_content: READABLE_STRING_8) -- Send successful contact message `a_token' to `a_to'. require diff --git a/modules/auth/model/cms_temporal_user.e b/modules/auth/model/cms_temporal_user.e new file mode 100644 index 0000000..4ea4af4 --- /dev/null +++ b/modules/auth/model/cms_temporal_user.e @@ -0,0 +1,32 @@ +note + description: "Summary description for {CMS_TEMPORAL_USER}." + date: "$Date$" + revision: "$Revision$" + +class + CMS_TEMPORAL_USER + +inherit + + CMS_USER + +create + make, + make_with_id + +feature -- Access + + application: detachable STRING_32 + -- User application + +feature -- Element change + + set_application (an_application: like application) + -- Assign `application' with `an_application'. + do + application := an_application + ensure + application_assigned: application = an_application + end + +end diff --git a/modules/auth/persistence/cms_auth_storage_i.e b/modules/auth/persistence/cms_auth_storage_i.e new file mode 100644 index 0000000..48851ad --- /dev/null +++ b/modules/auth/persistence/cms_auth_storage_i.e 
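Review bot: `send_contact_activation_reject_email` sends the rejection with `parameters.contact_subject_activate` and replaces `$link`, but the `account_rejected.html` template added in this patch has no `$link` placeholder, so the subject looks copied from the activation mail and the substitution does nothing. Likewise `send_contact_activation_confirmation_email` replaces `$email` with `a_content`, while the caller in `handle_activation` passes `req.absolute_script_url ("")`, a site URL rather than an address. Use a dedicated rejection subject (the parameters class is not visible here, so whether one exists needs checking) and rename `a_content` in both routines to say what it carries.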
@@ -0,0 +1,75 @@ +note + description: "[ + API to handle OAUTH storage + ]" + date: "$Date$" + revision: "$Revision$" + +deferred class + CMS_AUTH_STORAGE_I + +inherit + SHARED_LOGGER + +feature -- Error Handling + + error_handler: ERROR_HANDLER + -- Error handler. + deferred + end + +feature -- Access: Users + + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER + -- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby. + deferred + end + + user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + -- User with name `a_name', if any. + require + a_name /= Void and then not a_name.is_empty + deferred + ensure + same_name: Result /= Void implies a_name ~ Result.name + password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) + end + + user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + -- User with name `a_email', if any. + deferred + ensure + same_email: Result /= Void implies a_email ~ Result.email + password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) + end + + + user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + -- User with activation token `a_token', if any. + deferred + ensure + password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) + end + +feature -- New Temp User + + remove_activation (a_token: READABLE_STRING_32) + -- Remove activation by token `a_token'. + deferred + end + + new_temp_user (a_user: CMS_TEMPORAL_USER) + -- New temp user `a_user'. + require + no_id: not a_user.has_id + deferred + end + + delete_user (a_user: CMS_TEMPORAL_USER) + -- Delete user `a_user'. + require + has_id: a_user.has_id + deferred + end + +end diff --git a/modules/auth/persistence/cms_auth_storage_null.e b/modules/auth/persistence/cms_auth_storage_null.e new file mode 100644 index 0000000..505b558 --- /dev/null 
+++ b/modules/auth/persistence/cms_auth_storage_null.e @@ -0,0 +1,62 @@ +note + description: "Summary description for {CMS_AUTH_STORAGE_NULL}." + date: "$Date$" + revision: "$Revision$" + +class + CMS_AUTH_STORAGE_NULL + +inherit + + CMS_AUTH_STORAGE_I + + +feature -- Error handler + + error_handler: ERROR_HANDLER + -- Error handler. + do + create Result.make + end + +feature -- Access: Users + + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER + -- + do + end + + user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + -- + do + end + + user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + -- + do + end + + user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + -- + do + end + +feature -- Temp Users + + remove_activation (a_token: READABLE_STRING_32) + -- . + do + end + + new_temp_user (a_user: CMS_TEMPORAL_USER) + -- + do + end + + delete_user (a_user: CMS_TEMPORAL_USER) + -- + do + end + + +end diff --git a/modules/auth/persistence/cms_auth_storage_sql.e b/modules/auth/persistence/cms_auth_storage_sql.e new file mode 100644 index 0000000..ea2fe44 --- /dev/null +++ b/modules/auth/persistence/cms_auth_storage_sql.e 
@@ -0,0 +1,256 @@ +note + description: "Summary description for {CMS_AUTH_STORAGE_SQL}." + date: "$Date$" + revision: "$Revision$" + +class + CMS_AUTH_STORAGE_SQL + +inherit + CMS_AUTH_STORAGE_I + + CMS_PROXY_STORAGE_SQL + + CMS_STORAGE_SQL_I + + REFACTORING_HELPER + +create + make + +feature -- Access User Outh + + + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER + -- + local + l_parameters: STRING_TABLE [detachable ANY] + l_string: STRING + do + error_handler.reset + write_information_log (generator + ".user_temp_by_id") + create l_parameters.make (1) + l_parameters.put (a_uid, "uid") + create l_string.make_from_string (select_user_auth_temp_by_id) + sql_query (l_string, l_parameters) + if not has_error and not sql_after then + Result := fetch_user + sql_forth + if not sql_after then + check no_more_than_one: False end + Result := Void + end + end + sql_finalize + end + + user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + -- User for the given name `a_name', if any. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".user_by_name") + create l_parameters.make (1) + l_parameters.put (a_name, "name") + sql_query (select_user_by_name, l_parameters) + if not sql_after then + Result := fetch_user + sql_forth + check one_row: sql_after end + end + sql_finalize + end + + user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + -- User for the given email `a_email', if any. 
+ local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".user_by_email") + create l_parameters.make (1) + l_parameters.put (a_email, "email") + sql_query (select_user_by_email, l_parameters) + if not sql_after then + Result := fetch_user + sql_forth + check one_row: sql_after end + end + sql_finalize + end + + user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + -- User for the given activation token `a_token', if any. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".user_by_activation_token") + create l_parameters.make (1) + l_parameters.put (a_token, "token") + sql_query (select_user_by_activation_token, l_parameters) + if not sql_after then + Result := fetch_user + sql_forth + check one_row: sql_after end + end + sql_finalize + end + + +feature {NONE} -- Implementation: User + + fetch_user: detachable CMS_TEMPORAL_USER + local + l_id: INTEGER_64 + l_name: detachable READABLE_STRING_32 + do + if attached sql_read_integer_64 (1) as i then + l_id := i + end + if attached sql_read_string_32 (2) as s and then not s.is_whitespace then + l_name := s + end + + if l_name /= Void then + create Result.make (l_name) + if l_id > 0 then + Result.set_id (l_id) + end + elseif l_id > 0 then + create Result.make_with_id (l_id) + end + + if Result /= Void then + if attached sql_read_string (3) as l_password then + -- FIXME: should we return the password here ??? + Result.set_password (l_password) + end + if attached sql_read_string (5) as l_email then + Result.set_email (l_email) + end + if attached sql_read_string (6) as l_application then + Result.set_application (l_application) + end + else + check expected_valid_user: False end + end + end + + +feature -- New Temp User + + new_temp_user (a_user: CMS_TEMPORAL_USER) + -- Add a new temp_user `a_user'. 
+ local + l_parameters: STRING_TABLE [detachable ANY] + l_password_salt, l_password_hash: STRING + l_security: SECURITY_PROVIDER + do + error_handler.reset + if + attached a_user.password as l_password and then + attached a_user.email as l_email and then + attached a_user.application as l_application + then + + create l_security + l_password_salt := l_security.salt + l_password_hash := l_security.password_hash (l_password, l_password_salt) + + write_information_log (generator + ".new_temp_user") + create l_parameters.make (4) + l_parameters.put (a_user.name, "name") + l_parameters.put (l_password_hash, "password") + l_parameters.put (l_password_salt, "salt") + l_parameters.put (l_email, "email") + l_parameters.put (l_application, "application") + + sql_begin_transaction + sql_insert (sql_insert_user, l_parameters) + if not error_handler.has_error then + a_user.set_id (last_inserted_user_id) + sql_commit_transaction + else + sql_rollback_transaction + end + sql_finalize + else + -- set error + error_handler.add_custom_error (-1, "bad request" , "Missing password or email") + end + end + + +feature -- Remove Activation + + remove_activation (a_token: READABLE_STRING_32) + -- . + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + sql_begin_transaction + write_information_log (generator + ".remove_activation") + create l_parameters.make (1) + l_parameters.put (a_token, "token") + sql_modify (sql_remove_activation, l_parameters) + sql_commit_transaction + sql_finalize + end + + delete_user (a_user: CMS_TEMPORAL_USER) + -- Delete user `a_user'. 
+ local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + sql_begin_transaction + write_information_log (generator + ".delete_user") + create l_parameters.make (1) + l_parameters.put (a_user.id, "uid") + sql_modify (sql_delete_user, l_parameters) + sql_commit_transaction + sql_finalize + end +feature {NONE} -- Implementation + + last_inserted_user_id: INTEGER_64 + -- Last insert user id. + do + error_handler.reset + write_information_log (generator + ".last_inserted_user_id") + sql_query (Sql_last_insert_user_id, Void) + if not sql_after then + Result := sql_read_integer_64 (1) + sql_forth + check one_row: sql_after end + end + sql_finalize + end + +feature {NONE} -- SQL select + + Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM auth_temp_user;" + + Select_user_auth_temp_by_id: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user as u where uid=:uid;" + + + sql_insert_user: STRING = "INSERT INTO auth_temp_user (name, password, salt, email, application) VALUES (:name, :password, :salt, :email, :application);" + -- SQL Insert to add a new user. + + Select_user_by_name: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE name =:name;" + -- Retrieve user by name if exists. + + Select_user_by_email: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE email =:email;" + -- Retrieve user by email if exists. + + Select_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_user as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" + -- Retrieve user by activation token if exist. + + Sql_remove_activation: STRING = "DELETE FROM users_activations WHERE token = :token;" + -- Remove activation token. + + Sql_delete_user: STRING = "DELETE FROM auth_temp_user WHERE uid=:uid;" +end 
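Review bot: `new_temp_user` takes the new row's id from `last_inserted_user_id`, which runs `SELECT MAX(uid) FROM auth_temp_user;`, and the caller then binds the activation token to that id. Under concurrent registrations, depending on the isolation the storage gives, the token could end up attached to another applicant's row, so prefer the database's own last-insert-id facility. The token lookup joins `auth_temp_user` to `users_activations` on `uid`, a table that `l_user_api.new_activation` also writes, so pending and regular accounts appear to share one token table with independent id sequences; confirm that a token can never resolve to the wrong kind of account. `fetch_user` passes the stored hash to `set_password` (the existing FIXME) and never reads the salt column, which is at odds with the `Result.password = Void` postcondition declared in `CMS_AUTH_STORAGE_I`.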
diff --git a/modules/auth/site/config/auth.json b/modules/auth/site/config/auth.json new file mode 100644 index 0000000..a81ab66 --- /dev/null +++ b/modules/auth/site/config/auth.json @@ -0,0 +1,8 @@ +{ + "email": "webmaster@eiffel.org", + "subject": "Thank you for contacting us", + "recaptcha": { + "site_key":"6Lex9RMTAAAAAKleC4x6TaRlFcpLbEWgH_U7MSiD", + "secret_key":"6Lex9RMTAAAAAAkBczvX5DUiyg_xoM_EthVVgRRx" + } +} diff --git a/modules/auth/site/mail_templates/account_activation.html b/modules/auth/site/mail_templates/account_activation.html index 0ab4c4f..0d404a0 100644 --- a/modules/auth/site/mail_templates/account_activation.html +++ b/modules/auth/site/mail_templates/account_activation.html @@ -1,5 +1,5 @@ - + Activation @@ -8,11 +8,7 @@ -
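Review bot: The new `auth.json` commits a value for `recaptcha.secret_key` next to the public `site_key`; the secret is what the server uses to verify responses, so once it is in repository history it should be treated as disclosed and rotated. Ship the file with an empty or placeholder value (for example `"secret_key": "RECAPTCHA_SECRET_PLACEHOLDER"`) and load the real key from deployment configuration kept out of version control. The diffstat lists an `auth.json` under `examples/demo/site/modules/auth/config/` as well, which needs the same check. Keep in mind that an empty key makes `recaptcha_secret_key` return Void, and `handle_register` then skips verification.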

Thank you for registering at ROC CMS

- -

To complete your registration, please click on this link to activate your account:

- -

$link

-

Thank you for joining us.

+

Thank you for applying to ROC CMS $user

+

We will review your application and send you a resolution

- + \ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_activation_confirmation.html b/modules/auth/site/mail_templates/account_activation_confirmation.html new file mode 100644 index 0000000..950fccf --- /dev/null +++ b/modules/auth/site/mail_templates/account_activation_confirmation.html @@ -0,0 +1,14 @@ + + + + + Activation + + + + + +

Your account has been confirmed ROC CMS $email

+

Thank you for joining us.

+ + \ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_evaluation.html b/modules/auth/site/mail_templates/account_evaluation.html new file mode 100644 index 0000000..002292d --- /dev/null +++ b/modules/auth/site/mail_templates/account_evaluation.html @@ -0,0 +1,26 @@ + + + + + Account Evaluation + + + + + +

Account Evaluation

+

The user $user ($email) wants to register to the site ROC CMS

+ +

This is his/her application.

+

$application

+
+ +

To complete the registration, please click on the following link to activate the user account:

+ +

$activate

+ +

To reject the registration, please click on the following link

+ +

$reject

+ + diff --git a/modules/auth/site/mail_templates/account_rejected.html b/modules/auth/site/mail_templates/account_rejected.html new file mode 100644 index 0000000..9cefb80 --- /dev/null +++ b/modules/auth/site/mail_templates/account_rejected.html @@ -0,0 +1,13 @@ + + + + + New Activation + + + + + +

You requested has been rejected, your application does not conform our rules ROC CMS

+ + \ No newline at end of file diff --git a/modules/auth/site/scripts/auth_temp_user.tpl b/modules/auth/site/scripts/auth_temp_user.tpl new file mode 100644 index 0000000..38ae29b --- /dev/null +++ b/modules/auth/site/scripts/auth_temp_user.tpl @@ -0,0 +1,13 @@ + +DROP TABLE IF EXISTS "auth_temp_user"; +CREATE TABLE `auth_temp_user` ( + `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); + diff --git a/modules/auth/site/templates/block_post_reactivate.tpl b/modules/auth/site/templates/block_post_reactivate.tpl index 09e7206..c76cbb5 100644 --- a/modules/auth/site/templates/block_post_reactivate.tpl +++ b/modules/auth/site/templates/block_post_reactivate.tpl @@ -1,3 +1,3 @@
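Review bot: `auth_temp_user` declares `UNIQUE(name)` but nothing equivalent for `email`, while `user_by_email` in the SQL storage expects at most one row (`check one_row: sql_after end`) and `handle_register` only pre-checks with a separate query. Add a `UNIQUE` constraint on `email` so duplicate pending applications are refused by the database rather than by a check that can race. The leading `DROP TABLE IF EXISTS` also means that re-running this script discards every pending application, which should be stated in a comment at the top of the file.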
-

We have send you a new activation code, check your email to activate your account.

+

Thanks for your application, we will review it to activate your account.

diff --git a/modules/auth/site/templates/block_post_register.tpl b/modules/auth/site/templates/block_post_register.tpl index d59f75a..c76cbb5 100644 --- a/modules/auth/site/templates/block_post_register.tpl +++ b/modules/auth/site/templates/block_post_register.tpl @@ -1,3 +1,3 @@
-

Thanks for register, check your email to activate your account.

+

Thanks for your application, we will review it to activate your account.

From 5d8ea2065e4b7858c15461d62c8b713571afc242 Mon Sep 17 00:00:00 2001 From: jvelilla Date: Mon, 4 Jan 2016 21:14:13 -0300 Subject: [PATCH 2/8] Rename script name and table name for temporary users. Updated message, after account reactivation. Updated message, post account application. Updated Form name, Registration instead of Registration Form. Updated CMS_USER to have two optional features used for temporary users. Updated CMS_AUTH_API to user CMS_USER instead of CMS_TEMPORAL_USER Removed CMS_TEMPORAL_USER Updateed CMS_AUTHENTICATION_MODULE, with new permission to enable activate, reject or reactivate a pending user registration. Updated User Storage and API to create a new user from a temporal user. --- ...auth_temp_user.sql => auth_temp_users.sql} | 4 +- .../auth/templates/block_post_reactivate.tpl | 2 +- .../auth/templates/block_post_register.tpl | 2 +- .../modules/auth/templates/block_register.tpl | 4 +- library/model/src/user/cms_user.e | 25 +- modules/auth/cms_auth_api.e | 4 +- modules/auth/cms_authentication_module.e | 405 +++++++++--------- .../auth/cms_authenticaton_email_service.e | 2 +- modules/auth/model/cms_temporal_user.e | 32 -- modules/auth/persistence/cms_auth_storage_i.e | 4 +- .../auth/persistence/cms_auth_storage_null.e | 4 +- .../auth/persistence/cms_auth_storage_sql.e | 11 +- ...auth_temp_user.tpl => auth_temp_users.tpl} | 4 +- .../auth/site/templates/block_register.tpl | 17 +- src/persistence/user/cms_user_storage_i.e | 8 +- src/persistence/user/cms_user_storage_null.e | 7 +- src/persistence/user/cms_user_storage_sql_i.e | 41 +- src/service/user/cms_user_api.e | 23 +- 18 files changed, 325 insertions(+), 274 deletions(-) rename examples/demo/site/modules/auth/scripts/{auth_temp_user.sql => auth_temp_users.sql} (78%) delete mode 100644 modules/auth/model/cms_temporal_user.e rename modules/auth/site/scripts/{auth_temp_user.tpl => auth_temp_users.tpl} (78%) 
diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_user.sql b/examples/demo/site/modules/auth/scripts/auth_temp_users.sql similarity index 78% rename from examples/demo/site/modules/auth/scripts/auth_temp_user.sql rename to examples/demo/site/modules/auth/scripts/auth_temp_users.sql index 38ae29b..14d42f6 100644 --- a/examples/demo/site/modules/auth/scripts/auth_temp_user.sql +++ b/examples/demo/site/modules/auth/scripts/auth_temp_users.sql @@ -1,6 +1,6 @@ -DROP TABLE IF EXISTS "auth_temp_user"; -CREATE TABLE `auth_temp_user` ( +DROP TABLE IF EXISTS "auth_temp_users"; +CREATE TABLE `auth_temp_users` ( `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, `password` VARCHAR(100) NOT NULL, diff --git a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl index 09e7206..4142cd3 100644 --- a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl @@ -1,3 +1,3 @@
-

We have send you a new activation code, check your email to activate your account.

+

We have send an email to the administrator, with a new activation code to activate the user account.

diff --git a/examples/demo/site/modules/auth/templates/block_post_register.tpl b/examples/demo/site/modules/auth/templates/block_post_register.tpl index c76cbb5..390c6b4 100644 --- a/examples/demo/site/modules/auth/templates/block_post_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_register.tpl @@ -1,3 +1,3 @@
-

Thanks for your application, we will review it to activate your account.

+

You have requested an account, we will let you know when you application is approved or rejected.

diff --git a/examples/demo/site/modules/auth/templates/block_register.tpl b/examples/demo/site/modules/auth/templates/block_register.tpl index 2b56ea9..e55b7b1 100644 --- a/examples/demo/site/modules/auth/templates/block_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_register.tpl @@ -1,7 +1,7 @@
- Register Form + Registration
@@ -24,7 +24,7 @@ - + {if isset="$error_application"} {$error_application/}
{/if} diff --git a/library/model/src/user/cms_user.e b/library/model/src/user/cms_user.e index b0dfbec..7879fcc 100644 --- a/library/model/src/user/cms_user.e +++ b/library/model/src/user/cms_user.e @@ -80,6 +80,11 @@ feature -- Access -- active -- trashed + application: detachable STRING_32 + -- User application + + salt: detachable STRING_32 + -- User's password salt. feature -- Access: helper @@ -220,6 +225,24 @@ feature -- Change element set_last_login_date (create {DATE_TIME}.make_now_utc) end + feature -- Element change + + set_application (an_application: like application) + -- Assign `application' with `an_application'. + do + application := an_application + ensure + application_assigned: application = an_application + end + + set_salt (a_salt: like salt) + -- Assign `salt' with `a_salt'. + do + salt := a_salt + ensure + salt_assigned: salt = a_salt + end + feature -- Element change: roles set_roles (lst: like roles) @@ -302,6 +325,6 @@ invariant id_or_name_set: id > 0 or else not name.is_whitespace note - copyright: "2011-2015, Javier Velilla, Jocelyn Fiat, Eiffel Software and others" + copyright: "2011-2016, Javier Velilla, Jocelyn Fiat, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/modules/auth/cms_auth_api.e b/modules/auth/cms_auth_api.e index 22bbf0d..f4420c8 100644 --- a/modules/auth/cms_auth_api.e +++ b/modules/auth/cms_auth_api.e @@ -49,7 +49,7 @@ feature -- Access feature -- Temp User - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_USER) -- Add a new user `a_user'. require no_id: not a_user.has_id @@ -73,7 +73,7 @@ feature -- Temp User auth_storage.remove_activation (a_token) end - delete_user (a_user: CMS_TEMPORAL_USER) + delete_user (a_user: CMS_USER) -- Delete user `a_user'. require has_id: a_user.has_id diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index b4bba83..156b0ef 100644 
--- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -7,6 +7,7 @@ class CMS_AUTHENTICATION_MODULE inherit + CMS_MODULE rename module_api as auth_api @@ -50,7 +51,6 @@ feature {NONE} -- Initialization version := "1.0" description := "Authentication module" package := "authentication" - create root_dir.make_current cache_duration := 0 end @@ -64,6 +64,10 @@ feature -- Access do Result := Precursor Result.force ("account register") + Result.force ("account activate") + Result.force ("account reject") + Result.force ("account reactivate") + Result.force ("admin registration") end feature -- Access: docs @@ -81,7 +85,7 @@ feature -- Access: docs Result := cache_duration = 0 end -feature {CMS_API} -- Module Initialization +feature {CMS_API} -- Module Initialization initialize (a_api: CMS_API) -- @@ -95,7 +99,7 @@ feature {CMS_API} -- Module Initialization if attached a_api.storage.as_sql_storage as l_storage_sql then create {CMS_AUTH_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) else - -- FIXME: in case of NULL storage, should Current be disabled? + -- FIXME: in case of NULL storage, should Current be disabled? create {CMS_AUTH_STORAGE_NULL} l_user_auth_storage end 
@@ -111,22 +115,21 @@ feature {CMS_API} -- Module Initialization -- Schema if attached api.storage.as_sql_storage as l_sql_storage then if not l_sql_storage.sql_table_exists ("auth_temp_user") then - --| Schema - l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_user.sql")), Void) - + --| Schema + l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void) if l_sql_storage.has_error then api.logger.put_error ("Could not initialize database for auth_module", generating_type) end end l_sql_storage.sql_finalize - Precursor {CMS_MODULE}(api) + Precursor {CMS_MODULE} (api) end end feature {CMS_API} -- Access: API auth_api: detachable CMS_AUTH_API - -- + -- feature -- Router 
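Review bot: The script name changes to `auth_temp_users.sql`, but the guard above it still tests `sql_table_exists ("auth_temp_user")`, so the two names no longer agree. If the renamed script creates a table under the plural name (the script is not in this hunk, so this is an assumption), the guard never becomes true and the schema script runs on every initialization. If the file on disk kept its old name, the table is never created and the only trace is the `put_error` log entry. Keep the two in step, for example `sql_table_exists ("auth_temp_users")` if that is the table the script creates. The enclosing feature starts outside the hunk.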
@@ -134,21 +137,29 @@ feature -- Router -- do configure_web (a_api, a_router) + configure_web_admin (a_api, a_router) end configure_web (a_api: CMS_API; a_router: WSF_ROUTER) do - a_router.handle ("/account", create {WSF_URI_AGENT_HANDLER}.make (agent handle_account (a_api, ?, ?)), a_router.methods_head_get) - a_router.handle ("/account/roc-login", create {WSF_URI_AGENT_HANDLER}.make (agent handle_login (a_api, ?, ?)), a_router.methods_head_get) - a_router.handle ("/account/roc-logout", create {WSF_URI_AGENT_HANDLER}.make (agent handle_logout (a_api, ?, ?)), a_router.methods_head_get) - a_router.handle ("/account/roc-register", create {WSF_URI_AGENT_HANDLER}.make (agent handle_register (a_api, ?, ?)), a_router.methods_get_post) - a_router.handle ("/account/activate/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_activation (a_api, ?, ?)), a_router.methods_head_get) - a_router.handle ("/account/reject/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_reject (a_api, ?, ?)), a_router.methods_head_get) - a_router.handle ("/account/reactivate", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reactivation (a_api, ?, ?)), a_router.methods_get_post) - a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password (a_api, ?, ?)), a_router.methods_get_post) - a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password (a_api, ?, ?)), a_router.methods_get_post) - a_router.handle ("/account/change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_change_password (a_api, ?, ?)), a_router.methods_get_post) - a_router.handle ("/account/post-change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_post_change_password (a_api, ?, ?)), a_router.methods_get) + a_router.handle ("/account", create {WSF_URI_AGENT_HANDLER}.make (agent handle_account(a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-login", 
create {WSF_URI_AGENT_HANDLER}.make (agent handle_login(a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-logout", create {WSF_URI_AGENT_HANDLER}.make (agent handle_logout(a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-register", create {WSF_URI_AGENT_HANDLER}.make (agent handle_register(a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/activate/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_activation(a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/reject/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_reject(a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/reactivate", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reactivation(a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password(a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password(a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_change_password(a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/post-change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_post_change_password(a_api, ?, ?)), a_router.methods_get) + end + + + configure_web_admin (a_api: CMS_API; a_router: WSF_ROUTER) + -- Configure router mapping for admin web interface. + do + a_router.handle ("/admin/pending-registrations/", create {WSF_URI_AGENT_HANDLER}.make (agent handle_admin_pending_registrations (?, ?, a_api)), a_router.methods_get) end feature -- Hooks configuration 
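Review bot: `/account/activate/{token}` and `/account/reject/{token}` stay registered with `a_router.methods_head_get`, although both handlers change state: they delete the pending user and, for activation, create the account. A link in the webmaster's mail can be fetched by a mail scanner, link preview or browser prefetch inside the reviewer's session, and a plain GET carries no anti-forgery value, so an application could be accepted or rejected without a deliberate action. Consider rendering a confirmation page on GET and performing the change only on POST, i.e. registering both routes with `a_router.methods_get_post` and branching on `req.is_post_request_method` as `handle_register` does.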
@@ -159,6 +170,7 @@ feature -- Hooks configuration auto_subscribe_to_hooks (a_hooks) a_hooks.subscribe_to_block_hook (Current) a_hooks.subscribe_to_value_table_alter_hook (Current) + a_hooks.subscribe_to_menu_system_alter_hook (Current) end value_table_alter (a_value: CMS_VALUE_TABLE; a_response: CMS_RESPONSE) @@ -174,7 +186,7 @@ feature -- Hooks configuration lnk: CMS_LOCAL_LINK do if attached a_response.user as u then - create lnk.make (u.name, "account" ) + create lnk.make (u.name, "account") lnk.set_weight (97) a_menu_system.primary_menu.extend (lnk) create lnk.make ("Logout", "account/roc-logout") @@ -185,7 +197,11 @@ feature -- Hooks configuration lnk.set_weight (98) a_menu_system.primary_menu.extend (lnk) end - + -- Add the link to the taxonomy to the main menu + if a_response.has_permission ("admin registration") then + create lnk.make ("Registration", "admin/pending-registrations/") + a_menu_system.management_menu.extend (lnk) + end end feature -- Handler @@ -195,7 +211,6 @@ feature -- Handler r: CMS_RESPONSE do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if attached template_block ("account_info", r) as l_tpl_block then if attached r.user as l_user then r.set_value (api.user_api.user_roles (l_user), "roles") @@ -237,7 +252,7 @@ feature -- Handler local r: CMS_RESPONSE l_user_api: CMS_USER_API - u: CMS_TEMPORAL_USER + u: CMS_USER l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE l_url_activate: STRING 
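Review bot: The comment `-- Add the link to the taxonomy to the main menu` above the new `a_response.has_permission ("admin registration")` block does not describe this code, which adds a "Registration" link to `management_menu`. Suggested wording: `-- Show the pending-registrations link in the management menu to users holding "admin registration".` Hiding the link is presentation only, so the handler behind `admin/pending-registrations/` needs the same permission test. The enclosing feature starts outside the hunk.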
@@ -246,19 +261,10 @@ feature -- Handler l_captcha_passed: BOOLEAN do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if - r.has_permission ("account register") and then - attached auth_api as l_auth_api - then + if r.has_permission ("account register") and then attached auth_api as l_auth_api then if req.is_post_request_method then - if - attached {WSF_STRING} req.form_parameter ("name") as l_name and then - attached {WSF_STRING} req.form_parameter ("password") as l_password and then - attached {WSF_STRING} req.form_parameter ("email") as l_email and then - attached {WSF_STRING} req.form_parameter ("application") as l_application - then + if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("application") as l_application then l_user_api := api.user_api - if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then -- Username already exist. r.set_value ("User name already exists!", "error_name") @@ -269,12 +275,8 @@ feature -- Handler r.set_value ("An account is already associated with that email address!", "error_email") l_exist := True end - if attached recaptcha_secret_key (api) as l_recaptcha_key then - if - attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then - is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value) - then + if attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value) then l_captcha_passed := True else --| Bad or missing captcha @@ -284,7 +286,6 @@ feature -- Handler --| reCaptcha is not setup, so no verification l_captcha_passed := True end - if not l_exist then -- New temp user 
@@ -321,7 +322,6 @@ feature -- Handler create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) r.set_main_content ("You can also contact the webmaster to ask for an account.") end - r.execute end @@ -335,43 +335,44 @@ feature -- Handler if attached auth_api as l_auth_api then l_user_api := api.user_api create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if r.has_permission ("account activate") then + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + -- Delete temporal User + l_auth_api.delete_user (l_user) - if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - -- Delete temporal User - l_auth_api.delete_user (l_user) - - -- Valid user_id - l_user.set_id (0) - l_user.mark_active - l_user_api.new_user (l_user) - l_auth_api.remove_activation (l_token.value) - - r.set_main_content ("

The account "+ l_user.name +" has been activated

") - -- Send Email - if attached l_user.email as l_email then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") - es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url ("")) + -- Valid user_id + l_user.set_id (0) + l_user.mark_active + l_user_api.new_user_from_temporal_user (l_user) + l_auth_api.remove_activation (l_token.value) + r.set_main_content ("

The account " + l_user.name + " has been activated

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") + es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url ("")) + end + else + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value + " is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") end + r.execute else - -- the token does not exist, or it was already used. - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_main_content ("

The token " + l_token.value +" is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") + create l_ir.make (req, res, api) + l_ir.execute end - r.execute else - create l_ir.make (req, res, api) - l_ir.execute + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute end else create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) --- r.set_main_content ("...") r.execute end end - handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE @@ -381,25 +382,30 @@ feature -- Handler do if attached auth_api as l_auth_api then create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - l_auth_api.delete_user (l_user) - r.set_main_content ("

The temporal account for "+ l_user.name +" has been removed

") - -- Send Email - if attached l_user.email as l_email then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_contact_activation_reject_email") - es.send_contact_activation_reject_email (l_email, req.absolute_script_url ("")) + if r.has_permission ("account reject") then + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + l_auth_api.delete_user (l_user) + r.set_main_content ("

The temporal account for " + l_user.name + " has been removed

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_reject_email") + es.send_contact_activation_reject_email (l_email, req.absolute_script_url ("")) + end + else + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value + " is not valid ") end + r.execute else - -- the token does not exist, or it was already used. - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_main_content ("

The token " + l_token.value +" is not valid ") + create l_ir.make (req, res, api) + l_ir.execute end - r.execute else - create l_ir.make (req, res, api) - l_ir.execute + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute end else create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) 
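Review bot: The `token` path parameter and the stored user name are concatenated into HTML passed to `r.set_main_content` without encoding, here in `"The token " + l_token.value + " is not valid "` and `"The temporal account for " + l_user.name + " has been removed"`, and the same way in the `handle_activation` hunk just above. The token comes straight from the URL, so markup placed in it would be rendered in the 400 response. HTML-encode both values before concatenation, or leave the token out of the message (`"The activation token is not valid "`). In the activation hunk, `l_auth_api.delete_user (l_user)` also runs before `l_user_api.new_user_from_temporal_user (l_user)`, so a failure while creating the account would lose the application; deleting the pending record only after the account exists avoids that. Both features start outside their hunks.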
@@ -418,35 +424,38 @@ feature -- Handler do if attached auth_api as l_auth_api then create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if req.is_post_request_method then - if - attached {WSF_STRING} req.form_parameter ("email") as l_email - then - l_user_api := api.user_api - if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then - -- User exist create a new token and send a new email. - if l_user.is_active then - r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - else - l_token := new_token - l_user_api.new_activation (l_token, l_user.id) - l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) - l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) + if r.has_permission ("account reactivate") then + if req.is_post_request_method then + if attached {WSF_STRING} req.form_parameter ("email") as l_email then + l_user_api := api.user_api + if attached {CMS_USER} l_auth_api.user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. 
+ if l_user.is_active then + r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + else + l_token := new_token + l_user_api.new_activation (l_token, l_user.id) + l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) + l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) - -- Send Email to webmaster - if attached l_user.application as l_application then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject) + -- Send Email to webmaster + if attached l_user.application as l_application then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_register_email") + es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject) + end end + else + r.set_value ("The email does not exist or !", "error_email") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) end - else - r.set_value ("The email does not exist or !", "error_email") - r.set_value (l_email.value, "email") - r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end + else + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute end else create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) 
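Review bot: The two error branches tell the caller whether an address is known: `"The asociated user to the given email " + l_email.value + " , is already active"` versus `"The email does not exist or !"`. That lets anyone holding "account reactivate" probe for registered addresses. A single neutral reply for both cases, such as `"If a pending application exists for this address, the webmaster has been notified again."`, avoids that and also replaces the truncated second message. The new forbidden branch calls `r.execute` itself. The end of the feature is outside the hunk, but if it still finishes with an unconditional `r.execute`, as the unchanged structure suggests, the forbidden response would be executed twice.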
@@ -466,13 +475,13 @@ feature -- Handler if req.is_post_request_method then l_user_api := api.user_api if attached {WSF_STRING} req.form_parameter ("email") as l_email then - if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then - -- User exist create a new token and send a new email. + if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. l_token := new_token l_user_api.new_password (l_token, l_user.id) l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token) - -- Send Email + -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") es.send_contact_password_email (l_email.value, l_url) @@ -482,15 +491,13 @@ feature -- Handler r.set_status_code ({HTTP_CONSTANTS}.bad_request) end elseif attached {WSF_STRING} req.form_parameter ("username") as l_username then - if attached {CMS_USER} l_user_api.user_by_name (l_username) as l_user and then - attached l_user.email as l_email - then - -- User exist create a new token and send a new email. + if attached {CMS_USER} l_user_api.user_by_name (l_username) as l_user and then attached l_user.email as l_email then + -- User exist create a new token and send a new email. l_token := new_token l_user_api.new_password (l_token, l_user.id) l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token) - -- Send Email + -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") es.send_contact_password_email (l_email, l_url) @@ -504,7 +511,6 @@ feature -- Handler r.execute end - handle_reset_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE 
@@ -512,24 +518,18 @@ feature -- Handler do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) l_user_api := api.user_api - if attached {WSF_STRING} req.query_parameter ("token") as l_token then + if attached {WSF_STRING} req.query_parameter ("token") as l_token then r.set_value (l_token.value, "token") - if l_user_api.user_by_password_token (l_token.value) = Void then - r.set_value ("The token " + l_token.value + " is not valid, " + r.link ("click here" , "account/new-password", Void) + " to generate a new token.", "error_token") + if l_user_api.user_by_password_token (l_token.value) = Void then + r.set_value ("The token " + l_token.value + " is not valid, " + r.link ("click here", "account/new-password", Void) + " to generate a new token.", "error_token") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end - if req.is_post_request_method then - - if - attached {WSF_STRING} req.form_parameter ("token") as l_token and then - attached {WSF_STRING} req.form_parameter ("password") as l_password and then - attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password - then - -- Does the passwords match? + if attached {WSF_STRING} req.form_parameter ("token") as l_token and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password then + -- Does the passwords match? if l_password.value.same_string (l_confirm_password.value) then - -- is the token valid? + -- is the token valid? if attached {CMS_USER} l_user_api.user_by_password_token (l_token.value) as l_user then l_user.set_password (l_password.value) l_user_api.update_user (l_user) 
@@ -552,22 +552,17 @@ feature -- Handler do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) l_user_api := api.user_api - if req.is_post_request_method then - if attached r.user as l_user then + if attached r.user as l_user then r.set_value (api.user_api.user_roles (l_user), "roles") - if - attached {WSF_STRING} req.form_parameter ("password") as l_password and then - attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then - l_password.value.same_string (l_confirm_password.value) - then - -- Does the passwords match? + if attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then l_password.value.same_string (l_confirm_password.value) then + -- Does the passwords match? l_user.set_password (l_password.value) l_user_api.update_user (l_user) r.set_redirection (req.absolute_script_url ("/account/post-change-password")) else if attached template_block ("account_info", r) as l_tpl_block then --- r.set_value (l_user, "user") + -- r.set_value (l_user, "user") r.set_value ("Passwords Don't Match", "error_password") r.set_status_code ({HTTP_CONSTANTS}.bad_request) r.add_block (l_tpl_block, "content") @@ -589,11 +584,21 @@ feature -- Handler r.execute end + + handle_admin_pending_registrations (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API) + local + l_page: CMS_RESPONSE + lnk: CMS_LOCAL_LINK + do + create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api) + l_page.execute + end + block_list: ITERABLE [like {CMS_BLOCK}.name] local l_string: STRING do - Result := <<"register", "reactivate", "new_password", "reset_password">> + Result := <<"register", "reactivate", "new_password", "reset_password", "registration">> debug ("roc") create l_string.make_empty across 
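Review bot: `handle_admin_pending_registrations` builds and executes the page without testing "admin registration", so `/admin/pending-registrations/` is reachable by any visitor; only the menu link is gated. Add the check before executing, in the style of the other handlers: `if not l_page.has_permission ("admin registration") then create {FORBIDDEN_ERROR_CMS_RESPONSE} l_page.make (req, res, api) end`. The local `lnk: CMS_LOCAL_LINK` is declared but never used and can be dropped. `get_block_view_registration`, added later in this diff, is still a stub; when it is filled in it should repeat the permission test, as `get_block_view_register` does for "account register".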
@@ -602,32 +607,22 @@ feature -- Handler l_string.append (ic.item) l_string.append_character (' ') end - write_debug_log (generator + ".block_list:" + l_string ) + write_debug_log (generator + ".block_list:" + l_string) end end get_block_view (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do - if - a_block_id.is_case_insensitive_equal_general ("register") and then - a_response.location.starts_with ("account/roc-register") - then + if a_block_id.is_case_insensitive_equal_general ("register") and then a_response.location.starts_with ("account/roc-register") then get_block_view_register (a_block_id, a_response) - elseif - a_block_id.is_case_insensitive_equal_general ("reactivate") and then - a_response.location.starts_with ("account/reactivate") - then + elseif a_block_id.is_case_insensitive_equal_general ("reactivate") and then a_response.location.starts_with ("account/reactivate") then get_block_view_reactivate (a_block_id, a_response) - elseif - a_block_id.is_case_insensitive_equal_general ("new_password") and then - a_response.location.starts_with ("account/new-password") - then + elseif a_block_id.is_case_insensitive_equal_general ("new_password") and then a_response.location.starts_with ("account/new-password") then get_block_view_new_password (a_block_id, a_response) - elseif - a_block_id.is_case_insensitive_equal_general ("reset_password") and then - a_response.location.starts_with ("account/reset-password") - then + elseif a_block_id.is_case_insensitive_equal_general ("reset_password") and then a_response.location.starts_with ("account/reset-password") then get_block_view_reset_password (a_block_id, a_response) + elseif a_block_id.is_case_insensitive_equal_general ("registration") and then a_response.location.starts_with ("admin/pending-registrations") then + get_block_view_registration (a_block_id, a_response) end end 
@@ -643,10 +638,13 @@ feature {NONE} -- Token Generation create l_security l_token := l_security.token create l_encode - from until l_token.same_string (l_encode.encoded_string (l_token)) loop - -- Loop ensure that we have a security token that does not contain characters that need encoding. - -- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token - -- but the user will need to use an unencoded token if activation has to be done manually. + from + until + l_token.same_string (l_encode.encoded_string (l_token)) + loop + -- Loop ensure that we have a security token that does not contain characters that need encoding. + -- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token + -- but the user will need to use an unencoded token if activation has to be done manually. l_token := l_security.token end Result := l_token @@ -661,7 +659,6 @@ feature {NONE} -- Helpers do create p.make_from_string ("templates") p := p.extended ("block_").appended (a_block_id).appended_with_extension ("tpl") - p := a_response.api.module_theme_resource_location (Current, p) if p /= Void then if attached p.entry as e then 
@@ -674,27 +671,6 @@ feature {NONE} -- Helpers feature {NONE} -- Block views --- get_block_view_login (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) --- local ----- vals: CMS_VALUE_TABLE --- do --- if attached template_block (a_block_id, a_response) as l_tpl_block then ----- create vals.make (1) ----- -- add the variable to the block ----- value_table_alter (vals, a_response) ----- across ----- vals as ic ----- loop ----- l_tpl_block.set_value (ic.item, ic.key) ----- end --- a_response.put_required_block (l_tpl_block, "content") --- else --- debug ("cms") --- a_response.add_warning_message ("Error with block [" + a_block_id + "]") --- end --- end --- end - get_block_view_register (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do if a_response.has_permission ("account register") then @@ -712,10 +688,10 @@ feature {NONE} -- Block views elseif a_response.request.is_post_request_method then if a_response.values.has ("error_name") or else a_response.values.has ("error_email") then if attached template_block (a_block_id, a_response) as l_tpl_block then - -- l_tpl_block.set_value (a_response.values.item ("error_name"), "error_name") - -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") - -- l_tpl_block.set_value (a_response.values.item ("email"), "email") - -- l_tpl_block.set_value (a_response.values.item ("name"), "name") + -- l_tpl_block.set_value (a_response.values.item ("error_name"), "error_name") + -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") + -- l_tpl_block.set_value (a_response.values.item ("email"), "email") + -- l_tpl_block.set_value (a_response.values.item ("name"), "name") if attached recaptcha_site_key (a_response.api) as l_recaptcha_site_key then l_tpl_block.set_value (l_recaptcha_site_key, "recaptcha_site_key") end 
@@ -751,9 +727,9 @@ feature {NONE} -- Block views elseif a_response.request.is_post_request_method then if a_response.values.has ("error_email") or else a_response.values.has ("is_active") then if attached template_block (a_block_id, a_response) as l_tpl_block then --- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") --- l_tpl_block.set_value (a_response.values.item ("email"), "email") --- l_tpl_block.set_value (a_response.values.item ("is_active"), "is_active") + -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") + -- l_tpl_block.set_value (a_response.values.item ("email"), "email") + -- l_tpl_block.set_value (a_response.values.item ("is_active"), "is_active") a_response.add_block (l_tpl_block, "content") else debug ("cms") @@ -783,12 +759,12 @@ feature {NONE} -- Block views end end elseif a_response.request.is_post_request_method then - if a_response.values.has ("error_email") or else a_response.values.has ("error_username") then + if a_response.values.has ("error_email") or else a_response.values.has ("error_username") then if attached template_block (a_block_id, a_response) as l_tpl_block then --- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") --- l_tpl_block.set_value (a_response.values.item ("email"), "email") --- l_tpl_block.set_value (a_response.values.item ("error_username"), "error_username") --- l_tpl_block.set_value (a_response.values.item ("username"), "username") + -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") + -- l_tpl_block.set_value (a_response.values.item ("email"), "email") + -- l_tpl_block.set_value (a_response.values.item ("error_username"), "error_username") + -- l_tpl_block.set_value (a_response.values.item ("username"), "username") a_response.add_block (l_tpl_block, "content") else debug ("cms") 
@@ -811,8 +787,8 @@ feature {NONE} -- Block views do if a_response.request.is_get_request_method then if attached template_block (a_block_id, a_response) as l_tpl_block then --- l_tpl_block.set_value (a_response.values.item ("token"), "token") --- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") + -- l_tpl_block.set_value (a_response.values.item ("token"), "token") + -- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") a_response.add_block (l_tpl_block, "content") else debug ("cms") @@ -820,11 +796,11 @@ feature {NONE} -- Block views end end elseif a_response.request.is_post_request_method then - if a_response.values.has ("error_token") or else a_response.values.has ("error_password") then + if a_response.values.has ("error_token") or else a_response.values.has ("error_password") then if attached template_block (a_block_id, a_response) as l_tpl_block then --- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") --- l_tpl_block.set_value (a_response.values.item ("error_password"), "error_password") --- l_tpl_block.set_value (a_response.values.item ("token"), "token") + -- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") + -- l_tpl_block.set_value (a_response.values.item ("error_password"), "error_password") + -- l_tpl_block.set_value (a_response.values.item ("token"), "token") a_response.add_block (l_tpl_block, "content") else debug ("cms") @@ -843,6 +819,10 @@ feature {NONE} -- Block views end end + get_block_view_registration (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + do + -- TODO finish + end feature -- Recaptcha 
@@ -852,10 +832,7 @@ feature -- Recaptcha utf: UTF_CONVERTER do if attached api.module_configuration (Current, Void) as cfg then - if - attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then - not l_recaptcha_key.is_empty - then + if attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key) end end @@ -867,16 +844,12 @@ feature -- Recaptcha utf: UTF_CONVERTER do if attached api.module_configuration (Current, Void) as cfg then - if - attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then - not l_recaptcha_key.is_empty - then + if attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key) end end end - feature -- Response Alter response_alter (a_response: CMS_RESPONSE) @@ -897,21 +870,25 @@ feature {NONE} -- Implementation if not Result and then attached api.errors as l_api_errors then create l_errors.make_empty l_errors.append_character ('%N') - across l_api_errors as ic loop - l_errors.append ( ic.item ) + across + l_api_errors as ic + loop + l_errors.append (ic.item) l_errors.append_character ('%N') end write_error_log (generator + ".is_captcha_verified api_errors [" + l_errors + "]") end end + note copyright: "Copyright (c) 1984-2013, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" source: "[ - Eiffel Software - 5949 Hollister Ave., Goleta, CA 93117 USA - Telephone 805-685-1006, Fax 805-685-6869 - Website http://www.eiffel.com - Customer support http://support.eiffel.com - ]" + Eiffel Software + 5949 Hollister Ave., Goleta, CA 93117 USA + Telephone 805-685-1006, Fax 805-685-6869 + Website http://www.eiffel.com + Customer support http://support.eiffel.com + ]" + end 
diff --git a/modules/auth/cms_authenticaton_email_service.e b/modules/auth/cms_authenticaton_email_service.e index 48758f7..bd28c4f 100644 --- a/modules/auth/cms_authenticaton_email_service.e +++ b/modules/auth/cms_authenticaton_email_service.e @@ -101,7 +101,7 @@ feature -- Basic Operations do create l_message.make_from_string (parameters.account_rejected) l_message.replace_substring_all ("$link", a_content) - send_message (contact_email, a_to, parameters.contact_subject_activate, l_message) + send_message (contact_email, a_to, parameters.contact_subject_rejected, l_message) end diff --git a/modules/auth/model/cms_temporal_user.e b/modules/auth/model/cms_temporal_user.e deleted file mode 100644 index 4ea4af4..0000000 --- a/modules/auth/model/cms_temporal_user.e +++ /dev/null @@ -1,32 +0,0 @@ -note - description: "Summary description for {CMS_TEMPORAL_USER}." - date: "$Date$" - revision: "$Revision$" - -class - CMS_TEMPORAL_USER - -inherit - - CMS_USER - -create - make, - make_with_id - -feature -- Access - - application: detachable STRING_32 - -- User application - -feature -- Element change - - set_application (an_application: like application) - -- Assign `application' with `an_application'. - do - application := an_application - ensure - application_assigned: application = an_application - end - -end diff --git a/modules/auth/persistence/cms_auth_storage_i.e b/modules/auth/persistence/cms_auth_storage_i.e index 48851ad..e6ba77e 100644 --- a/modules/auth/persistence/cms_auth_storage_i.e +++ b/modules/auth/persistence/cms_auth_storage_i.e @@ -58,14 +58,14 @@ feature -- New Temp User deferred end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_USER) -- New temp user `a_user'. require no_id: not a_user.has_id deferred end - delete_user (a_user: CMS_TEMPORAL_USER) + delete_user (a_user: CMS_USER) -- Delete user `a_user'. require has_id: a_user.has_id 
diff --git a/modules/auth/persistence/cms_auth_storage_null.e b/modules/auth/persistence/cms_auth_storage_null.e index 505b558..18abc06 100644 --- a/modules/auth/persistence/cms_auth_storage_null.e +++ b/modules/auth/persistence/cms_auth_storage_null.e @@ -48,12 +48,12 @@ feature -- Temp Users do end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_USER) -- do end - delete_user (a_user: CMS_TEMPORAL_USER) + delete_user (a_user: CMS_USER) -- do end diff --git a/modules/auth/persistence/cms_auth_storage_sql.e b/modules/auth/persistence/cms_auth_storage_sql.e index ea2fe44..4707972 100644 --- a/modules/auth/persistence/cms_auth_storage_sql.e +++ b/modules/auth/persistence/cms_auth_storage_sql.e @@ -101,7 +101,7 @@ feature -- Access User Outh feature {NONE} -- Implementation: User - fetch_user: detachable CMS_TEMPORAL_USER + fetch_user: detachable CMS_USER local l_id: INTEGER_64 l_name: detachable READABLE_STRING_32 @@ -125,7 +125,10 @@ feature {NONE} -- Implementation: User if Result /= Void then if attached sql_read_string (3) as l_password then -- FIXME: should we return the password here ??? - Result.set_password (l_password) + Result.set_hashed_password (l_password) + end + if attached sql_read_string (4) as l_salt then + Result.set_email (l_salt) end if attached sql_read_string (5) as l_email then Result.set_email (l_email) @@ -141,7 +144,7 @@ feature {NONE} -- Implementation: User feature -- New Temp User - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_USER) -- Add a new temp_user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] @@ -200,7 +203,7 @@ feature -- Remove Activation sql_finalize end - delete_user (a_user: CMS_TEMPORAL_USER) + delete_user (a_user: CMS_USER) -- Delete user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] 
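Review bot: In `fetch_user` (cms_auth_storage_sql.e, hunk at -125,7) the value read from column 4 is bound as `l_salt` but stored with `Result.set_email (l_salt)`, so the password salt is never set on the returned user and the email field holds the salt until column 5 overwrites it, or permanently if column 5 is not attached. The line should read `Result.set_salt (l_salt)`. Without the salt the stored hash cannot be verified later, and the `attached a_user.salt` guard in `new_user_from_temporal_user` elsewhere in this patch would presumably reject every approved account. The existing FIXME about returning the password now applies to the hash; a comment such as `-- Hash and salt are loaded only so activation can copy them; never expose them in a response.` would record the intent. `fetch_user` starts and ends outside the hunk.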
diff --git a/modules/auth/site/scripts/auth_temp_user.tpl b/modules/auth/site/scripts/auth_temp_users.tpl similarity index 78% rename from modules/auth/site/scripts/auth_temp_user.tpl rename to modules/auth/site/scripts/auth_temp_users.tpl index 38ae29b..14d42f6 100644 --- a/modules/auth/site/scripts/auth_temp_user.tpl +++ b/modules/auth/site/scripts/auth_temp_users.tpl @@ -1,6 +1,6 @@ -DROP TABLE IF EXISTS "auth_temp_user"; -CREATE TABLE `auth_temp_user` ( +DROP TABLE IF EXISTS "auth_temp_users"; +CREATE TABLE `auth_temp_users` ( `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, `password` VARCHAR(100) NOT NULL, diff --git a/modules/auth/site/templates/block_register.tpl b/modules/auth/site/templates/block_register.tpl index 9e7c478..e55b7b1 100644 --- a/modules/auth/site/templates/block_register.tpl +++ b/modules/auth/site/templates/block_register.tpl @@ -1,7 +1,7 @@

- Register Form + Registration
@@ -20,8 +20,19 @@ {$error_email/}
{/if}
- - +
+ + + {if isset="$error_application"} + {$error_application/}
+ {/if} +
+ {unless isempty="$recaptcha_site_key"} +
+
+ {/unless}
diff --git a/src/persistence/user/cms_user_storage_i.e b/src/persistence/user/cms_user_storage_i.e index 2692e1b..958eca3 100644 --- a/src/persistence/user/cms_user_storage_i.e +++ b/src/persistence/user/cms_user_storage_i.e @@ -104,6 +104,12 @@ feature -- Change: user deferred end + new_user_from_temporal_user (a_user: CMS_USER) + require + no_id: not a_user.has_id + deferred + end + update_user (a_user: CMS_USER) -- Save user `a_user'. require @@ -234,6 +240,6 @@ feature -- Change: User password recovery end note - copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/src/persistence/user/cms_user_storage_null.e b/src/persistence/user/cms_user_storage_null.e index c899696..0af4a9c 100644 --- a/src/persistence/user/cms_user_storage_null.e +++ b/src/persistence/user/cms_user_storage_null.e @@ -65,6 +65,11 @@ feature -- Change: user a_user.set_id (1) end + new_user_from_temporal_user (a_user: CMS_USER) + do + a_user.set_id (1) + end + update_user (a_user: CMS_USER) -- Update user `a_user'. do @@ -149,6 +154,6 @@ feature -- Change: User password recovery end note - copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/src/persistence/user/cms_user_storage_sql_i.e b/src/persistence/user/cms_user_storage_sql_i.e index 640d6ef..16129c0 100644 --- a/src/persistence/user/cms_user_storage_sql_i.e +++ b/src/persistence/user/cms_user_storage_sql_i.e 
@@ -198,6 +198,45 @@ feature -- Access: user end feature -- Change: user + new_user_from_temporal_user (a_user: CMS_USER) + -- Add a new user `a_user'. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + if + attached a_user.hashed_password as l_password_hash and then + attached a_user.email as l_email and then + attached a_user.salt as l_password_salt + then + sql_begin_transaction + + write_information_log (generator + ".new_user") + create l_parameters.make (4) + l_parameters.put (a_user.name, "name") + l_parameters.put (l_password_hash, "password") + l_parameters.put (l_password_salt, "salt") + l_parameters.put (l_email, "email") + l_parameters.put (create {DATE_TIME}.make_now_utc, "created") + l_parameters.put (a_user.status, "status") + + sql_insert (sql_insert_user, l_parameters) + if not error_handler.has_error then + a_user.set_id (last_inserted_user_id) + update_user_roles (a_user) + end + if not error_handler.has_error then + sql_commit_transaction + else + sql_rollback_transaction + end + sql_finalize + else + -- set error + error_handler.add_custom_error (-1, "bad request" , "Missing password or email") + end + end + new_user (a_user: CMS_USER) -- Add a new user `a_user'. local @@ -1010,6 +1049,6 @@ feature {NONE} -- User Password Recovery -- Retrieve user by password token if exist. note - copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/src/service/user/cms_user_api.e b/src/service/user/cms_user_api.e index 956afd5..36f1e47 100644 --- a/src/service/user/cms_user_api.e +++ b/src/service/user/cms_user_api.e 
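Review bot: The new `new_user_from_temporal_user` in cms_user_storage_sql_i.e logs under another feature's tag, `write_information_log (generator + ".new_user")`, so accounts created by approving a pending registration cannot be told apart from directly created ones in the log; `generator + ".new_user_from_temporal_user"` would fix that. The else branch reports "Missing password or email" although the guard also fails when `a_user.salt` is not attached, so the message should name the salt as well. `create l_parameters.make (4)` is followed by six `put` calls, and `make (6)` would match. Whether `sql_insert_user` actually binds the `salt` parameter is not visible here; if that statement expects a freshly generated salt, the copied hash would not verify, which is worth confirming.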
@@ -251,7 +251,26 @@ feature -- Change User do reset_error if - attached a_user.password as l_password and then + attached a_user.email as l_email + then + storage.new_user (a_user) + error_handler.append (storage.error_handler) + else + error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") + end + end + + new_user_from_temporal_user (a_user: CMS_USER) + -- Add a new user `a_user'. + require + no_id: not a_user.has_id + has_hashed_password: a_user.hashed_password /= Void + has_sal: a_user.salt /= Void + do + reset_error + if + attached a_user.hashed_password as l_password and then + attached a_user.salt as l_salt and then attached a_user.email as l_email then storage.new_user (a_user) @@ -321,6 +340,6 @@ feature -- User status -- The user is trashed (soft delete), ready to be deleted/destroyed from storage. note - copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + copyright: "2011-2016, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end From 0ca336d467a228abb651e24ba7cf90c0bf4623fd Mon Sep 17 00:00:00 2001 
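Review bot: In cms_user_api.e the new `new_user_from_temporal_user` ends in `storage.new_user (a_user)` rather than the `storage.new_user_from_temporal_user (a_user)` that this same patch adds to the storage classes, so the already hashed password and salt presumably go through the path meant for a clear-text password; the call should be `storage.new_user_from_temporal_user (a_user)`. The hunk also leaves `new_user` guarded only by `attached a_user.email as l_email`, dropping the `attached a_user.password` test while its error text still says "Missing password or email"; restoring `attached a_user.password as l_password and then` keeps a request without a password from reaching storage. The precondition tag `has_sal` looks like a typo for `has_salt`. `new_user` begins above the hunk.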
From: jvelilla Date: Wed, 6 Jan 2016 21:29:21 -0300 Subject: [PATCH 3/8] Updated templates Replaced hardcoded name "ROC CMS" for placeholder $sitename, and missing href's with $host. Renamed database script and database table for temporal users. Renamed CMS_AUTH_API AS CMS_USER_TEMP_API. Revert design to use CMS_TEMPORAL_USER and clean CMS_USER. Refactor rename cms_auth_storage_* classes to CMS_TEMPORAL_USER_STORAGE_* Added Pending Registrations to the admin menu to show the list of pending registrarions added CSS to display temporal users --- .../demo/site/modules/auth/files/css/auth.css | 22 +++ .../mail_templates/account_activation.html | 4 +- .../account_activation_confirmation.html | 6 +- .../mail_templates/account_new_password.html | 4 +- .../mail_templates/account_re_activation.html | 4 +- .../auth/mail_templates/account_rejected.html | 6 +- .../auth/mail_templates/account_welcome.html | 4 +- ...ion.html => admin_account_evaluation.html} | 8 +- .../modules/auth/scripts/auth_temp_users.tpl | 13 ++ .../auth/templates/block_post_reactivate.tpl | 2 +- .../auth/templates/block_post_register.tpl | 2 +- .../modules/auth/templates/block_register.tpl | 6 +- library/model/src/user/cms_user.e | 24 --- modules/auth/cms_auth_api.e | 93 --------- ..._authentication_email_service_parameters.e | 48 ++--- modules/auth/cms_authentication_module.e | 143 +++++++++++--- .../auth/cms_authenticaton_email_service.e | 42 +++-- modules/auth/cms_user_temp_api.e | 127 +++++++++++++ modules/auth/model/cms_temporal_user.e | 44 +++++ ...rage_i.e => cms_temporal_user_storage_i.e} | 33 +++- ...ull.e => cms_temporal_user_storage_null.e} | 30 ++- ..._sql.e => cms_temporal_user_storage_sql.e} | 177 +++++++++++++++--- modules/auth/site/files/css/auth.css | 22 +++ modules/auth/site/files/scss/auth.css | 22 +++ modules/auth/site/files/scss/auth.css.map | 7 + modules/auth/site/files/scss/auth.scss | 37 ++++ .../mail_templates/account_activation.html | 4 +- .../account_activation_confirmation.html 
| 6 +- .../mail_templates/account_new_password.html | 4 +- .../mail_templates/account_re_activation.html | 4 +- .../site/mail_templates/account_rejected.html | 6 +- .../site/mail_templates/account_welcome.html | 4 +- ...ion.html => admin_account_evaluation.html} | 8 +- modules/auth/site/scripts/auth_temp_users.tpl | 2 +- .../auth/site/templates/block_register.tpl | 6 +- modules/oauth20/cms_oauth_20_module.e | 2 +- modules/openid/cms_openid_module.e | 2 +- src/persistence/user/cms_user_storage_i.e | 6 - src/persistence/user/cms_user_storage_sql_i.e | 39 ---- src/service/user/cms_user_api.e | 20 -- 40 files changed, 717 insertions(+), 326 deletions(-) create mode 100644 examples/demo/site/modules/auth/files/css/auth.css rename examples/demo/site/modules/auth/mail_templates/{account_evaluation.html => admin_account_evaluation.html} (75%) create mode 100644 examples/demo/site/modules/auth/scripts/auth_temp_users.tpl delete mode 100644 modules/auth/cms_auth_api.e create mode 100644 modules/auth/cms_user_temp_api.e create mode 100644 modules/auth/model/cms_temporal_user.e rename modules/auth/persistence/{cms_auth_storage_i.e => cms_temporal_user_storage_i.e} (66%) rename modules/auth/persistence/{cms_auth_storage_null.e => cms_temporal_user_storage_null.e} (57%) rename modules/auth/persistence/{cms_auth_storage_sql.e => cms_temporal_user_storage_sql.e} (54%) create mode 100644 modules/auth/site/files/css/auth.css create mode 100644 modules/auth/site/files/scss/auth.css create mode 100644 modules/auth/site/files/scss/auth.css.map create mode 100644 modules/auth/site/files/scss/auth.scss rename modules/auth/site/mail_templates/{account_evaluation.html => admin_account_evaluation.html} (75%) diff --git a/examples/demo/site/modules/auth/files/css/auth.css b/examples/demo/site/modules/auth/files/css/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/examples/demo/site/modules/auth/files/css/auth.css 
@@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation.html b/examples/demo/site/modules/auth/mail_templates/account_activation.html index 0d404a0..f85597a 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_activation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_activation.html @@ -4,11 +4,11 @@ Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you a resolution

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html index efc5087..b185ad5 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html @@ -2,13 +2,13 @@ - Activation + Activation Confirmation - + -

Your account has been confirmed ROC CMS

+

Your account has been confirmed $sitename $email

Thank you for joining us.

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_new_password.html b/examples/demo/site/modules/auth/mail_templates/account_new_password.html index ad2792d..0ad6560 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_new_password.html +++ b/examples/demo/site/modules/auth/mail_templates/account_new_password.html @@ -4,11 +4,11 @@ New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to genereate a new password:

diff --git a/examples/demo/site/modules/auth/mail_templates/account_re_activation.html b/examples/demo/site/modules/auth/mail_templates/account_re_activation.html index 3590804..fe3403c 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_re_activation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_re_activation.html @@ -4,11 +4,11 @@ New Activation - + -

You have request a new activation token at ROC CMS

+

You have request a new activation token at $sitename

To complete your registration, please click on this link to activate your account:

diff --git a/examples/demo/site/modules/auth/mail_templates/account_rejected.html b/examples/demo/site/modules/auth/mail_templates/account_rejected.html index 9cefb80..e4811a2 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_rejected.html +++ b/examples/demo/site/modules/auth/mail_templates/account_rejected.html @@ -2,12 +2,12 @@ - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_welcome.html b/examples/demo/site/modules/auth/mail_templates/account_welcome.html index facecee..b2b8d04 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_welcome.html +++ b/examples/demo/site/modules/auth/mail_templates/account_welcome.html @@ -4,10 +4,10 @@ Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/examples/demo/site/modules/auth/mail_templates/account_evaluation.html b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html similarity index 75% rename from examples/demo/site/modules/auth/mail_templates/account_evaluation.html rename to examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html index 002292d..e626446 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_evaluation.html +++ b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html @@ -4,12 +4,12 @@ Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site ROC CMS

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -17,10 +17,10 @@

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl b/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl new file mode 100644 index 0000000..d06c641 --- /dev/null +++ b/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl @@ -0,0 +1,13 @@ + +DROP TABLE IF EXISTS "auth_temp_users"; +CREATE TABLE `auth_temp_users` ( + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); + diff --git a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl index 4142cd3..c76cbb5 100644 --- a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl @@ -1,3 +1,3 @@
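Review bot: This copy of the schema declares `uid` with `AUTO_INCREMENT`, while the script under modules/auth/site/scripts shown earlier in this series uses `AUTOINCREMENT`; the two spellings belong to different SQL dialects, so one copy will presumably fail on the configured backend, and the two should be made identical. The module's install step shown later in this patch loads `auth_temp_users.sql` from the scripts directory, whereas this file is added as `auth_temp_users.tpl`, which is worth checking. A header comment such as `-- Pending registrations: keeps the password hash and salt until an administrator accepts or rejects the application.` would also document why credentials sit in a second table.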
-

We have send an email to the administrator, with a new activation code to activate the user account.

+

Thanks for your application, we will review it to activate your account.

diff --git a/examples/demo/site/modules/auth/templates/block_post_register.tpl b/examples/demo/site/modules/auth/templates/block_post_register.tpl index 390c6b4..c76cbb5 100644 --- a/examples/demo/site/modules/auth/templates/block_post_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_register.tpl @@ -1,3 +1,3 @@
-

You have requested an account, we will let you know when you application is approved or rejected.

+

Thanks for your application, we will review it to activate your account.

diff --git a/examples/demo/site/modules/auth/templates/block_register.tpl b/examples/demo/site/modules/auth/templates/block_register.tpl index e55b7b1..39104ef 100644 --- a/examples/demo/site/modules/auth/templates/block_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_register.tpl @@ -21,10 +21,10 @@ {/if}
- - + {if isset="$error_application"} {$error_application/}
{/if} diff --git a/library/model/src/user/cms_user.e b/library/model/src/user/cms_user.e index 7879fcc..1a57cdd 100644 --- a/library/model/src/user/cms_user.e +++ b/library/model/src/user/cms_user.e @@ -80,12 +80,6 @@ feature -- Access -- active -- trashed - application: detachable STRING_32 - -- User application - - salt: detachable STRING_32 - -- User's password salt. - feature -- Access: helper utf_8_name: STRING_8 @@ -225,24 +219,6 @@ feature -- Change element set_last_login_date (create {DATE_TIME}.make_now_utc) end - feature -- Element change - - set_application (an_application: like application) - -- Assign `application' with `an_application'. - do - application := an_application - ensure - application_assigned: application = an_application - end - - set_salt (a_salt: like salt) - -- Assign `salt' with `a_salt'. - do - salt := a_salt - ensure - salt_assigned: salt = a_salt - end - feature -- Element change: roles set_roles (lst: like roles) diff --git a/modules/auth/cms_auth_api.e b/modules/auth/cms_auth_api.e deleted file mode 100644 index f4420c8..0000000 --- a/modules/auth/cms_auth_api.e +++ /dev/null 
@@ -1,93 +0,0 @@ -note - description: "Summary description for {CMS_AUTH_API}." - author: "" - date: "$Date$" - revision: "$Revision$" - -class - CMS_AUTH_API - -inherit - CMS_MODULE_API - - REFACTORING_HELPER - -create {CMS_AUTHENTICATION_MODULE} - make_with_storage - -feature {NONE} -- Initialization - - make_with_storage (a_api: CMS_API; a_auth_storage: CMS_AUTH_STORAGE_I) - -- Create an object with api `a_api' and storage `a_auth_storage'. - do - auth_storage := a_auth_storage - make (a_api) - ensure - auht_storage_set: auth_storage = a_auth_storage - end - -feature -- Access - - user_by_name (a_username: READABLE_STRING_32): detachable CMS_USER - -- User by name `a_user_name', if any. - do - Result := auth_storage.user_by_name (a_username) - end - - user_by_email (a_email: READABLE_STRING_32): detachable CMS_USER - -- User by email `a_email', if any. - do - Result := auth_storage.user_by_email (a_email) - end - - user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER - -- User by activation token `a_token'. - do - Result := auth_storage.user_by_activation_token (a_token) - end - - -feature -- Temp User - - new_temp_user (a_user: CMS_USER) - -- Add a new user `a_user'. - require - no_id: not a_user.has_id - no_hashed_password: a_user.hashed_password = Void - do - reset_error - if - attached a_user.password as l_password and then - attached a_user.email as l_email - then - auth_storage.new_temp_user (a_user) - error_handler.append (storage.error_handler) - else - error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") - end - end - - remove_activation (a_token: READABLE_STRING_32) - -- Remove activation token `a_token', from the storage. - do - auth_storage.remove_activation (a_token) - end - - delete_user (a_user: CMS_USER) - -- Delete user `a_user'. 
- require - has_id: a_user.has_id - do - reset_error - auth_storage.delete_user (a_user) - error_handler.append (storage.error_handler) - end - -feature {CMS_MODULE} -- Access: User auth storage. - - auth_storage: CMS_AUTH_STORAGE_I - -- storage interface. - -feature -- Access: User Temp - -end diff --git a/modules/auth/cms_authentication_email_service_parameters.e b/modules/auth/cms_authentication_email_service_parameters.e index d340cf5..efcf557 100644 --- a/modules/auth/cms_authentication_email_service_parameters.e +++ b/modules/auth/cms_authentication_email_service_parameters.e @@ -17,18 +17,17 @@ feature {NONE} -- Initialization make (a_cms_api: CMS_API) local utf: UTF_CONVERTER - l_site_name: READABLE_STRING_8 s: detachable READABLE_STRING_32 l_contact_email, l_subject_register, l_subject_activate, l_subject_password, l_subject_oauth: detachable READABLE_STRING_8 do cms_api := a_cms_api -- Use global smtp setting if any, otherwise "localhost" smtp_server := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.text_item_or_default ("smtp", "localhost")) - l_site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name) + site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name) admin_email := a_cms_api.setup.site_email if not admin_email.has ('<') then - admin_email := l_site_name + " <" + admin_email +">" + admin_email := site_name + " <" + admin_email +">" end if attached {CONFIG_READER} a_cms_api.module_configuration_by_name ({CMS_AUTHENTICATION_MODULE}.name, Void) as cfg then @@ -60,7 +59,7 @@ feature {NONE} -- Initialization end if l_contact_email /= Void then if not l_contact_email.has ('<') then - l_contact_email := l_site_name + " <" + l_contact_email + ">" + l_contact_email := site_name + " <" + l_contact_email + ">" end contact_email := l_contact_email else 
@@ -95,6 +94,8 @@ feature {NONE} -- Initialization contact_subject_activated := "Your account was activated" end + + feature -- Access cms_api: CMS_API @@ -106,6 +107,9 @@ feature -- Access contact_email: IMMUTABLE_STRING_8 -- Contact email. + site_name: IMMUTABLE_STRING_8 + -- Site name. + contact_subject_account_evaluation: IMMUTABLE_STRING_8 contact_subject_register: IMMUTABLE_STRING_8 contact_subject_activate: IMMUTABLE_STRING_8 @@ -118,7 +122,7 @@ feature -- Access account_evaluation: STRING -- Account evaluation template email message. do - Result := template_string ("account_evaluation.html", default_template_account_evaluation) + Result := template_string ("admin_account_evaluation.html", default_template_account_evaluation) end account_activation: STRING @@ -211,12 +215,12 @@ feature {NONE} -- Message email Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -224,11 +228,11 @@ feature {NONE} -- Message email

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

]" @@ -241,11 +245,11 @@ feature {NONE} -- Message email Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you an email

Thank you for joining us.

@@ -261,11 +265,11 @@ feature {NONE} -- Message email Activation - + -

Your account has been confirmed ROC CMS $email

+

Your account has been confirmed $sitename $email

Thank you for joining us.

@@ -277,13 +281,13 @@ feature {NONE} -- Message email - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

]" @@ -295,11 +299,11 @@ feature {NONE} -- Message email New Activation - + -

You have requested a new activation token at ROC CMS

+

You have requested a new activation token at $sitename

To complete your registration, please click on the following link to activate your account:

@@ -318,11 +322,11 @@ feature {NONE} -- Message email New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to generate a new password:

@@ -339,11 +343,11 @@ feature {NONE} -- Message email Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index 156b0ef..76cd1d5 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -91,16 +91,16 @@ feature {CMS_API} -- Module Initialization -- local l_auth_api: like auth_api - l_user_auth_storage: CMS_AUTH_STORAGE_I + l_user_auth_storage: CMS_TEMPORAL_USER_STORAGE_I do Precursor (a_api) -- Storage initialization if attached a_api.storage.as_sql_storage as l_storage_sql then - create {CMS_AUTH_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) + create {CMS_TEMPORAL_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) else -- FIXME: in case of NULL storage, should Current be disabled? - create {CMS_AUTH_STORAGE_NULL} l_user_auth_storage + create {CMS_TEMPORAL_USER_STORAGE_NULL} l_user_auth_storage end -- API initialization @@ -114,7 +114,7 @@ feature {CMS_API} -- Module Initialization do -- Schema if attached api.storage.as_sql_storage as l_sql_storage then - if not l_sql_storage.sql_table_exists ("auth_temp_user") then + if not l_sql_storage.sql_table_exists ("auth_temp_users") then --| Schema l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void) if l_sql_storage.has_error then @@ -128,7 +128,7 @@ feature {CMS_API} -- Module Initialization feature {CMS_API} -- Access: API - auth_api: detachable CMS_AUTH_API + auth_api: detachable CMS_USER_TEMP_API -- feature -- Router @@ -252,7 +252,7 @@ feature -- Handler local r: CMS_RESPONSE l_user_api: CMS_USER_API - u: CMS_USER + u: CMS_TEMPORAL_USER l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE l_url_activate: STRING 
@@ -263,7 +263,7 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account register") and then attached auth_api as l_auth_api then if req.is_post_request_method then - if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("application") as l_application then + if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("personal_information") as l_personal_information then l_user_api := api.user_api if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then -- Username already exist. @@ -292,7 +292,7 @@ feature -- Handler create u.make (l_name.value) u.set_email (l_email.value) u.set_password (l_password.value) - u.set_application (l_application.value) + u.set_personal_information (l_personal_information.value) l_auth_api.new_temp_user (u) -- Create activation token 
@@ -304,16 +304,16 @@ feature -- Handler -- Send Email to webmaster create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (u, l_application.value, l_url_activate, l_url_reject) + es.send_account_evaluation (u, l_personal_information.value, l_url_activate, l_url_reject, req.absolute_script_url ("")) -- Send Email to user create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_email") - es.send_contact_email (l_email.value, l_name.value) + es.send_contact_email (l_email.value, l_name.value, req.absolute_script_url ("")) else r.set_value (l_name.value, "name") r.set_value (l_email.value, "email") - r.set_value (l_application.value, "application") + r.set_value (l_personal_information.value, "personal_information") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -337,21 +337,26 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account activate") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + + -- TODO copy the personal information + --! to CMS_USER_PROFILE and persist data + --! check also CMS_USER.data_items + -- Delete temporal User - l_auth_api.delete_user (l_user) + l_auth_api.delete_temporary_user (l_user) -- Valid user_id l_user.set_id (0) l_user.mark_active - l_user_api.new_user_from_temporal_user (l_user) + l_auth_api.new_user_from_temporal_user (l_user) l_auth_api.remove_activation (l_token.value) r.set_main_content ("
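Review bot: The new last argument `req.absolute_script_url ("")` in the `send_account_evaluation` and `send_contact_email` calls fills the `$host` placeholder of the mail templates from the incoming request. If that URL is derived from the client-supplied Host header (not visible on this page), whoever submits the form can influence the links printed in mail sent to the webmaster and to users. The same argument is added in the later hunks of this file (`@@ -337,21`, `@@ -385,13`, `@@ -440,10`, `@@ -484,7`, `@@ -500,7`), and the password mail is the most sensitive of them. I would take the base URL from site configuration, the way `parameters.site_name` is already read inside the email service, and document it as `-- a_host: trusted site base URL from configuration, never taken from the request`. The handler body starts and ends outside this hunk.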

The account " + l_user.name + " has been activated

") -- Send Email if attached l_user.email as l_email then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") - es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url ("")) + es.send_contact_activation_confirmation_email (l_email, "", req.absolute_script_url ("")) end else -- the token does not exist, or it was already used. @@ -376,7 +381,6 @@ feature -- Handler handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE - l_user_api: CMS_USER_API l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE es: CMS_AUTHENTICATON_EMAIL_SERVICE do @@ -385,13 +389,13 @@ feature -- Handler if r.has_permission ("account reject") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - l_auth_api.delete_user (l_user) + l_auth_api.delete_temporary_user (l_user) r.set_main_content ("

The temporal account for " + l_user.name + " has been removed

") -- Send Email if attached l_user.email as l_email then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_activation_reject_email") - es.send_contact_activation_reject_email (l_email, req.absolute_script_url ("")) + es.send_contact_activation_reject_email (l_email, "", req.absolute_script_url ("")) end else -- the token does not exist, or it was already used. @@ -428,7 +432,7 @@ feature -- Handler if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("email") as l_email then l_user_api := api.user_api - if attached {CMS_USER} l_auth_api.user_by_email (l_email.value) as l_user then + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then -- User exist create a new token and send a new email. if l_user.is_active then r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") @@ -440,10 +444,10 @@ feature -- Handler l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) -- Send Email to webmaster - if attached l_user.application as l_application then + if attached l_user.personal_information as l_personal_information then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject) + es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url ("")) end end else 
@@ -484,7 +488,7 @@ feature -- Handler -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") - es.send_contact_password_email (l_email.value, l_url) + es.send_contact_password_email (l_email.value, l_url, req.absolute_script_url ("")) else r.set_value ("The email does not exist !", "error_email") r.set_value (l_email.value, "email") @@ -500,7 +504,7 @@ feature -- Handler -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") - es.send_contact_password_email (l_email, l_url) + es.send_contact_password_email (l_email, l_url, req.absolute_script_url ("")) else r.set_value ("The username does not exist !", "error_username") r.set_value (l_username.value, "username") 
@@ -587,13 +591,95 @@ feature -- Handler handle_admin_pending_registrations (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API) local - l_page: CMS_RESPONSE - lnk: CMS_LOCAL_LINK + l_response: CMS_RESPONSE + s: STRING + u: CMS_TEMPORAL_USER + l_page_helper: CMS_PAGINATION_GENERATOR + s_pager: STRING + l_count: INTEGER do - create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api) - l_page.execute + -- At the moment the template are hardcoded, but we can + -- get them from the configuration file and load them into + -- the setup class. + + create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api) + if + l_response.has_permission ("admin registration") and then + attached auth_api as l_auth_api + then + + l_count := l_auth_api.users_count + + create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api) + + create s.make_empty + if l_count > 1 then + l_response.set_title ("Listing " + l_count.out + " Pending Registrations") + else + l_response.set_title ("Listing " + l_count.out + " Pending Registration") + end + + create s_pager.make_empty + create l_page_helper.make ("admin/pending-registrations/?page={page}&size={size}", l_auth_api.users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings + l_page_helper.get_setting_from_request (req) + if l_page_helper.has_upper_limit and then l_page_helper.pages_count > 1 then + l_page_helper.append_to_html (l_response, s_pager) + if l_page_helper.page_size > 25 then + s.append (s_pager) + end + end + + if attached l_auth_api.recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then + s.append ("
    %N") + across + lst as ic + loop + u := ic.item + s.append ("
  • ") + s.append ("User:" + u.name) + s.append ("%N") + s.append ("
  • %N") + end + s.append ("
%N") + end + -- Again the pager at the bottom, if needed + s.append (s_pager) + + l_response.set_main_content (s) + l_response.execute + else + l_response.execute + end end + block_list: ITERABLE [like {CMS_BLOCK}.name] local l_string: STRING @@ -821,7 +907,6 @@ feature {NONE} -- Block views get_block_view_registration (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do - -- TODO finish end feature -- Recaptcha @@ -855,8 +940,8 @@ feature -- Response Alter response_alter (a_response: CMS_RESPONSE) do a_response.add_javascript_url ("https://www.google.com/recaptcha/api.js") + a_response.add_style (a_response.url ("/module/" + name + "/files/css/auth.css", Void), Void) end - feature {NONE} -- Implementation is_captcha_verified (a_secret, a_response: READABLE_STRING_8): BOOLEAN diff --git a/modules/auth/cms_authenticaton_email_service.e b/modules/auth/cms_authenticaton_email_service.e index bd28c4f..ea4fd0b 100644 --- a/modules/auth/cms_authenticaton_email_service.e +++ b/modules/auth/cms_authenticaton_email_service.e @@ -34,12 +34,14 @@ feature -- Access feature -- Basic Operations - send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject: READABLE_STRING_8) + send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject, a_host: READABLE_STRING_8) -- Send new user register to webmaster to confirm or reject itt. local l_message: STRING do create l_message.make_from_string (parameters.account_evaluation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$user", a_user.name) if attached a_user.email as l_email then l_message.replace_substring_all ("$email", l_email) 
@@ -47,13 +49,13 @@ feature -- Basic Operations l_message.replace_substring_all ("$email", "unknown email") end l_message.replace_substring_all ("$application", a_application) - l_message.replace_substring_all ("$activate", a_url_activate) - l_message.replace_substring_all ("$reject", a_url_reject) + l_message.replace_substring_all ("$activation_url", a_url_activate) + l_message.replace_substring_all ("$rejection_url", a_url_reject) send_message (contact_email, contact_email, parameters.contact_subject_account_evaluation, l_message) end - send_contact_email (a_to, a_user: READABLE_STRING_8) + send_contact_email (a_to, a_user, a_host: READABLE_STRING_8) -- Send successful contact message to `a_to'. require attached_to: a_to /= Void 
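Review bot: `l_message.replace_substring_all ("$application", a_application)` inserts applicant-written text before `$activation_url` and `$rejection_url` are expanded, so placeholder names typed into the application field are rewritten by the two calls that follow. None of the applicant-controlled values is HTML-encoded before it lands in the HTML mail read by the webmaster; that covers `a_application` here and `a_user.name` and the email in the previous hunk. I would expand the trusted placeholders first and the user-supplied ones last, after encoding them. `send_account_evaluation` starts in the previous hunk.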
@@ -61,71 +63,83 @@ feature -- Basic Operations l_message: STRING do create l_message.make_from_string (parameters.account_activation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$user", a_user) send_message (contact_email, a_to, parameters.contact_subject_register, l_message) end - send_contact_activation_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_activation_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful contact activation message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_re_activation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_activate, l_message) end - send_contact_activation_confirmation_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact activation to a_to. + send_contact_activation_confirmation_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful message activation to a_to. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_activation_confirmation) + l_message.replace_substring_all ("$hot", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$email", a_content) send_message (contact_email, a_to, parameters.contact_subject_activated, l_message) end - send_contact_activation_reject_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact activation reject to `a_to'. 
+ send_contact_activation_reject_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful contact activation reject message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_rejected) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_rejected, l_message) end - send_contact_password_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_password_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful new account password message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_password) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_password, l_message) end - send_contact_welcome_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_welcome_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful welcome message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_welcome) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitenme", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_oauth, l_message) end diff --git a/modules/auth/cms_user_temp_api.e b/modules/auth/cms_user_temp_api.e new file mode 100644 index 0000000..94831a6 --- /dev/null +++ b/modules/auth/cms_user_temp_api.e 
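Review bot: Two of the new substitutions use misspelled placeholders: `send_contact_activation_confirmation_email` replaces `"$hot"` and `send_contact_welcome_email` replaces `"$sitenme"`, so a `$host` or `$sitename` in those two templates would stay in the mail as literal text. They should read `l_message.replace_substring_all ("$host", a_host)` and `l_message.replace_substring_all ("$sitename", parameters.site_name)`, like the other features in this hunk. The handlers in `cms_authentication_module.e` also pass `""` as `a_content` to the confirmation and rejection mails, so `$email` and `$link` are replaced by an empty string there; if that is intended, the feature comments should say so.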
@@ -0,0 +1,127 @@ +note + description: "API to handle temporal users" + date: "$Date$" + revision: "$Revision$" + +class + CMS_USER_TEMP_API + +inherit + CMS_MODULE_API + + REFACTORING_HELPER + +create {CMS_AUTHENTICATION_MODULE} + make_with_storage + +feature {NONE} -- Initialization + + make_with_storage (a_api: CMS_API; a_auth_storage: CMS_TEMPORAL_USER_STORAGE_I) + -- Create an object with api `a_api' and storage `a_auth_storage'. + do + auth_storage := a_auth_storage + make (a_api) + ensure + auth_storage_set: auth_storage = a_auth_storage + end + +feature -- Access + + users_count: INTEGER + -- Number of pending users. + --! to be accepted or rehected + do + Result := auth_storage.users_count + end + + user_by_name (a_username: READABLE_STRING_GENERAL): detachable CMS_USER + -- User by name `a_user_name', if any. + do + Result := auth_storage.user_by_name (a_username.as_string_32) + end + + user_by_email (a_email: READABLE_STRING_8): detachable CMS_USER + -- User by email `a_email', if any. + do + Result := auth_storage.user_by_email (a_email) + end + + user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + -- User by activation token `a_token'. + do + Result := auth_storage.user_by_activation_token (a_token) + end + + recent_users (params: CMS_DATA_QUERY_PARAMETERS): ITERABLE [CMS_TEMPORAL_USER] + -- List of the `a_rows' most recent users starting from `a_offset'. + do + Result := auth_storage.recent_users (params.offset.to_integer_32, params.size.to_integer_32) + end + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + do + Result := auth_storage.token_by_user_id (a_id) + end + +feature -- Temp User + + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- Add a new user `a_user'. 
+ require + no_id: not a_user.has_id + has_hashed_password: a_user.hashed_password /= Void + has_sal: a_user.salt /= Void + do + reset_error + if + attached a_user.hashed_password as l_password and then + attached a_user.salt as l_salt and then + attached a_user.email as l_email + then + auth_storage.new_user_from_temporal_user (a_user) + error_handler.append (storage.error_handler) + else + error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") + end + end + + new_temp_user (a_user: CMS_TEMPORAL_USER) + -- Add a new user `a_user'. + require + no_id: not a_user.has_id + no_hashed_password: a_user.hashed_password = Void + do + reset_error + if + attached a_user.password as l_password and then + attached a_user.email as l_email + then + auth_storage.new_temp_user (a_user) + error_handler.append (storage.error_handler) + else + error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") + end + end + + remove_activation (a_token: READABLE_STRING_32) + -- Remove activation token `a_token', from the storage. + do + auth_storage.remove_activation (a_token) + end + + delete_temporary_user (a_user: CMS_USER) + -- Delete user `a_user'. + require + has_id: a_user.has_id + do + reset_error + auth_storage.delete_user (a_user) + error_handler.append (storage.error_handler) + end + +feature {CMS_MODULE} -- Access: User auth storage. + + auth_storage: CMS_TEMPORAL_USER_STORAGE_I + -- storage interface. + +end diff --git a/modules/auth/model/cms_temporal_user.e b/modules/auth/model/cms_temporal_user.e new file mode 100644 index 0000000..b2605a3 --- /dev/null +++ b/modules/auth/model/cms_temporal_user.e 
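Review bot: `new_user_from_temporal_user`, `new_temp_user` and `delete_temporary_user` call `auth_storage` but then run `error_handler.append (storage.error_handler)`, which reads the errors of the inherited `storage` rather than of the object that did the work. Unless both share one handler (not visible here), a failed insert or delete is never reported to the handlers that call this API. I would append `auth_storage.error_handler` instead. The queries `user_by_name`, `user_by_email` and `user_by_activation_token` are also still typed `detachable CMS_USER` although callers downcast to `CMS_TEMPORAL_USER`. The precondition tag `has_sal` and the word `rehected` in the `users_count` comment are typos.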
@@ -0,0 +1,44 @@ +note + description: "Summary description for {CMS_TEMPORAL_USER}." + date: "$Date$" + revision: "$Revision$" + +class + CMS_TEMPORAL_USER + +inherit + + CMS_USER + +create + make, + make_with_id + +feature -- Access + + personal_information: detachable STRING_32 + -- User personal information. + + salt: detachable STRING_32 + -- User's password salt. + + +feature -- Element change + + set_personal_information (an_personal_information: like personal_information) + -- Assign `personal_information' with `an_personal_information'. + do + personal_information := an_personal_information + ensure + personal_information_assigned: personal_information = an_personal_information + end + + set_salt (a_salt: like salt) + -- Assign `salt' with `a_salt'. + do + salt := a_salt + ensure + salt_assigned: salt = a_salt + end + +end diff --git a/modules/auth/persistence/cms_auth_storage_i.e b/modules/auth/persistence/cms_temporal_user_storage_i.e similarity index 66% rename from modules/auth/persistence/cms_auth_storage_i.e rename to modules/auth/persistence/cms_temporal_user_storage_i.e index e6ba77e..6b2f43a 100644 --- a/modules/auth/persistence/cms_auth_storage_i.e +++ b/modules/auth/persistence/cms_temporal_user_storage_i.e @@ -1,12 +1,12 @@ note description: "[ - API to handle OAUTH storage + API to handle temporal User storage ]" date: "$Date$" revision: "$Revision$" deferred class - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I inherit SHARED_LOGGER @@ -20,8 +20,14 @@ feature -- Error Handling feature -- Access: Users + users_count: INTEGER + -- Number of pending users + --! to be accepted or rejected + deferred + end + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER - -- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby. + -- Retrieve a temporal user by id `a_uid' for the consumer `a_consumer', if aby. deferred end 
@@ -51,14 +57,33 @@ feature -- Access: Users password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- List of recent `a_count' temporal users with an offset of `lower'. + deferred + end + + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- Retrieve activation token for user identified with id `a_id', if any. + deferred + end + + feature -- New Temp User + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- new user from temporal user `a_user' + require + no_id: not a_user.has_id + deferred + end + remove_activation (a_token: READABLE_STRING_32) -- Remove activation by token `a_token'. deferred end - new_temp_user (a_user: CMS_USER) + new_temp_user (a_user: CMS_TEMPORAL_USER) -- New temp user `a_user'. require no_id: not a_user.has_id diff --git a/modules/auth/persistence/cms_auth_storage_null.e b/modules/auth/persistence/cms_temporal_user_storage_null.e similarity index 57% rename from modules/auth/persistence/cms_auth_storage_null.e rename to modules/auth/persistence/cms_temporal_user_storage_null.e index 18abc06..39292ca 100644 --- a/modules/auth/persistence/cms_auth_storage_null.e +++ b/modules/auth/persistence/cms_temporal_user_storage_null.e @@ -1,14 +1,14 @@ note - description: "Summary description for {CMS_AUTH_STORAGE_NULL}." + description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_NULL}." date: "$Date$" revision: "$Revision$" class - CMS_AUTH_STORAGE_NULL + CMS_TEMPORAL_USER_STORAGE_NULL inherit - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I feature -- Error handler @@ -21,6 +21,11 @@ feature -- Error handler feature -- Access: Users + users_count: INTEGER + -- + do + end + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER -- do 
@@ -41,14 +46,31 @@ feature -- Access: Users do end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- List of recent `a_count' temporal users with an offset of `lower'. + do + create {ARRAYED_LIST[CMS_TEMPORAL_USER]} Result.make (0) + end + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- + do + end + feature -- Temp Users + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- + do + end + + remove_activation (a_token: READABLE_STRING_32) -- . do end - new_temp_user (a_user: CMS_USER) + new_temp_user (a_user: CMS_TEMPORAL_USER) -- do end diff --git a/modules/auth/persistence/cms_auth_storage_sql.e b/modules/auth/persistence/cms_temporal_user_storage_sql.e similarity index 54% rename from modules/auth/persistence/cms_auth_storage_sql.e rename to modules/auth/persistence/cms_temporal_user_storage_sql.e index 4707972..a6244ff 100644 --- a/modules/auth/persistence/cms_auth_storage_sql.e +++ b/modules/auth/persistence/cms_temporal_user_storage_sql.e @@ -1,13 +1,13 @@ note - description: "Summary description for {CMS_AUTH_STORAGE_SQL}." + description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_SQL}." date: "$Date$" revision: "$Revision$" class - CMS_AUTH_STORAGE_SQL + CMS_TEMPORAL_USER_STORAGE_SQL inherit - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I CMS_PROXY_STORAGE_SQL @@ -18,7 +18,22 @@ inherit create make -feature -- Access User Outh +feature -- Access User + + users_count: INTEGER + -- Number of items users. + do + error_handler.reset + write_information_log (generator + ".user_count") + + sql_query (select_temporal_users_count, Void) + if not has_error and then not sql_after then + Result := sql_read_integer_64 (1).to_integer_32 + sql_forth + check one_row: sql_after end + end + sql_finalize + end user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER 
@@ -98,10 +113,56 @@ feature -- Access User Outh sql_finalize end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- + local + l_parameters: STRING_TABLE [detachable ANY] + do + create {ARRAYED_LIST [CMS_TEMPORAL_USER]} Result.make (0) + + error_handler.reset + write_information_log (generator + ".recent_users") + + from + create l_parameters.make (2) + l_parameters.put (a_count, "rows") + l_parameters.put (a_lower, "offset") + sql_query (sql_select_recent_users, l_parameters) + sql_start + until + sql_after + loop + if attached fetch_user as l_user then + Result.force (l_user) + end + sql_forth + end + sql_finalize + end + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- Number of items users. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".token_by_user_id") + create l_parameters.make (1) + l_parameters.put (a_id, "uid") + + + sql_query (select_token_activation_by_user_id, l_parameters) + if not has_error and then not sql_after then + Result := sql_read_string (1) + sql_forth + check one_row: sql_after end + end + sql_finalize + end feature {NONE} -- Implementation: User - fetch_user: detachable CMS_USER + fetch_user: detachable CMS_TEMPORAL_USER local l_id: INTEGER_64 l_name: detachable READABLE_STRING_32 @@ -124,17 +185,16 @@ feature {NONE} -- Implementation: User if Result /= Void then if attached sql_read_string (3) as l_password then - -- FIXME: should we return the password here ??? Result.set_hashed_password (l_password) end if attached sql_read_string (4) as l_salt then - Result.set_email (l_salt) + Result.set_salt (l_salt) end if attached sql_read_string (5) as l_email then Result.set_email (l_email) end if attached sql_read_string (6) as l_application then - Result.set_application (l_application) + Result.set_personal_information (l_application) end else check expected_valid_user: False end 
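Review bot: The header comments added in the first hunk here do not describe the features: `recent_users` has an empty `--`, and `token_by_user_id` carries `-- Number of items users.`, copied from `users_count`. I would write `-- List of the a_count most recent temporal users, starting at offset a_lower.` and `-- Activation token stored for user id a_id, if any.` so the SQL implementation matches the comments on the deferred versions in `CMS_TEMPORAL_USER_STORAGE_I`.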
@@ -142,9 +202,47 @@ feature {NONE} -- Implementation: User end -feature -- New Temp User +feature -- New Temp User - new_temp_user (a_user: CMS_USER) + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + if + attached a_user.hashed_password as l_password_hash and then + attached a_user.email as l_email and then + attached a_user.salt as l_password_salt + then + sql_begin_transaction + + write_information_log (generator + ".new_user") + create l_parameters.make (4) + l_parameters.put (a_user.name, "name") + l_parameters.put (l_password_hash, "password") + l_parameters.put (l_password_salt, "salt") + l_parameters.put (l_email, "email") + l_parameters.put (create {DATE_TIME}.make_now_utc, "created") + l_parameters.put (a_user.status, "status") + + sql_insert (sql_insert_user, l_parameters) + if not error_handler.has_error then + a_user.set_id (last_inserted_user_id) + end + if not error_handler.has_error then + sql_commit_transaction + else + sql_rollback_transaction + end + sql_finalize + else + -- set error + error_handler.add_custom_error (-1, "bad request" , "Missing password or email") + end + end + + new_temp_user (a_user: CMS_TEMPORAL_USER) -- Add a new temp_user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] @@ -155,7 +253,7 @@ feature -- New Temp User if attached a_user.password as l_password and then attached a_user.email as l_email and then - attached a_user.application as l_application + attached a_user.personal_information as l_personal_information then create l_security 
@@ -168,12 +266,12 @@ feature -- New Temp User l_parameters.put (l_password_hash, "password") l_parameters.put (l_password_salt, "salt") l_parameters.put (l_email, "email") - l_parameters.put (l_application, "application") + l_parameters.put (l_personal_information, "application") sql_begin_transaction - sql_insert (sql_insert_user, l_parameters) + sql_insert (sql_insert_temp_user, l_parameters) if not error_handler.has_error then - a_user.set_id (last_inserted_user_id) + a_user.set_id (last_inserted_temp_user_id) sql_commit_transaction else sql_rollback_transaction @@ -213,18 +311,32 @@ feature -- Remove Activation write_information_log (generator + ".delete_user") create l_parameters.make (1) l_parameters.put (a_user.id, "uid") - sql_modify (sql_delete_user, l_parameters) + sql_modify (sql_delete_temp_user, l_parameters) sql_commit_transaction sql_finalize end feature {NONE} -- Implementation + last_inserted_temp_user_id: INTEGER_64 + -- Last insert user id. + do + error_handler.reset + write_information_log (generator + ".last_inserted_temp_user_id") + sql_query (sql_last_insert_temp_user_id, Void) + if not sql_after then + Result := sql_read_integer_64 (1) + sql_forth + check one_row: sql_after end + end + sql_finalize + end + last_inserted_user_id: INTEGER_64 -- Last insert user id. do error_handler.reset write_information_log (generator + ".last_inserted_user_id") - sql_query (Sql_last_insert_user_id, Void) + sql_query (sql_last_insert_user_id, Void) if not sql_after then Result := sql_read_integer_64 (1) sql_forth 
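Review bot: `a_user.set_id (last_inserted_temp_user_id)` takes the new id from `sql_last_insert_temp_user_id`, which the constants hunk defines as `SELECT MAX(uid) FROM auth_temp_users;`. Depending on the database's isolation, two registrations inserted at nearly the same time can each be handed the other's id, and the activation token is presumably stored against that id. I would read the id back by the unique `name` just inserted, or use the database's own last-insert-id facility if the storage layer exposes one. The same pattern is used by `last_inserted_user_id` on `users`. In the second hunk, `delete_user` calls `sql_commit_transaction` without checking for an error after `sql_modify`; that feature starts outside the hunk.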
@@ -235,25 +347,42 @@ feature {NONE} -- Implementation feature {NONE} -- SQL select - Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM auth_temp_user;" - - Select_user_auth_temp_by_id: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user as u where uid=:uid;" + sql_last_insert_temp_user_id: STRING = "SELECT MAX(uid) FROM auth_temp_users;" - sql_insert_user: STRING = "INSERT INTO auth_temp_user (name, password, salt, email, application) VALUES (:name, :password, :salt, :email, :application);" + Select_user_auth_temp_by_id: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users as u where uid=:uid;" + + + sql_insert_temp_user: STRING = "INSERT INTO auth_temp_users (name, password, salt, email, application) VALUES (:name, :password, :salt, :email, :application);" -- SQL Insert to add a new user. - Select_user_by_name: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE name =:name;" + Select_user_by_name: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users WHERE name =:name;" -- Retrieve user by name if exists. - Select_user_by_email: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE email =:email;" + Select_user_by_email: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users WHERE email =:email;" -- Retrieve user by email if exists. - Select_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_user as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" + Select_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_users as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" -- Retrieve user by activation token if exist. 
Sql_remove_activation: STRING = "DELETE FROM users_activations WHERE token = :token;" -- Remove activation token. - Sql_delete_user: STRING = "DELETE FROM auth_temp_user WHERE uid=:uid;" + sql_delete_temp_user: STRING = "DELETE FROM auth_temp_users WHERE uid=:uid;" + + + Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM users;" + + sql_insert_user: STRING = "INSERT INTO users (name, password, salt, email, created, status) VALUES (:name, :password, :salt, :email, :created, :status);" + -- SQL Insert to add a new user. + + + Select_temporal_users_count: STRING = "SELECT count(*) FROM auth_temp_users;" + -- Number of temporal users. + + Sql_select_recent_users: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users ORDER BY uid DESC LIMIT :rows OFFSET :offset ;" + -- Retrieve recent users + + select_token_activation_by_user_id: STRING = "SELECT token FROM users_activations WHERE uid = :uid;" + end diff --git a/modules/auth/site/files/css/auth.css b/modules/auth/site/files/css/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/modules/auth/site/files/css/auth.css 
@@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ diff --git a/modules/auth/site/files/scss/auth.css b/modules/auth/site/files/scss/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/modules/auth/site/files/scss/auth.css @@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ 
diff --git a/modules/auth/site/files/scss/auth.css.map b/modules/auth/site/files/scss/auth.css.map new file mode 100644 index 0000000..670235d --- /dev/null +++ b/modules/auth/site/files/scss/auth.css.map @@ -0,0 +1,7 @@ +{ +"version": 3, +"mappings": "AAAA,iBAAkB;EAEjB,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,oBAAE;IACD,UAAU,EAAE,eAAe;IAC3B,gCAAc;MACb,UAAU,EAAE,IAAI;EAMjB,2DAAyB;IACxB,eAAe,EAAE,IAAI;IACrB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,cAAc;IAEtB,8DAAE;MACD,UAAU,EAAE,eAAe;MAC3B,0EAAc;QACb,UAAU,EAAE,IAAI;IAGlB,uGAA2C;MAC1C,OAAO,EAAE,yBAAyB;IAEnC,iGAAqC;MACpC,OAAO,EAAE,UAAU", +"sources": ["auth.scss"], +"names": [], +"file": "auth.css" +} diff --git a/modules/auth/site/files/scss/auth.scss b/modules/auth/site/files/scss/auth.scss new file mode 100644 index 0000000..38fe7b5 --- /dev/null +++ b/modules/auth/site/files/scss/auth.scss @@ -0,0 +1,37 @@ +ul.cms-temp-users { + + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; + + li{ + border-top: dotted 1px #ccc; + &:first-child { + border-top: none; + } + } + + li.cms_temp_user { + + ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; + + li{ + border-top: dotted 1px #ccc; + &:first-child { + border-top: none; + } + } + li.cms_temp_user_detail_information::before{ + content: "[personal information] " + } + li.cms_temp_user_detail_email::before{ + content: "[email] " + } + } + } +} + + diff --git a/modules/auth/site/mail_templates/account_activation.html b/modules/auth/site/mail_templates/account_activation.html index 0d404a0..f85597a 100644 --- a/modules/auth/site/mail_templates/account_activation.html +++ b/modules/auth/site/mail_templates/account_activation.html @@ -4,11 +4,11 @@ Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you a resolution

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_activation_confirmation.html b/modules/auth/site/mail_templates/account_activation_confirmation.html index 950fccf..b185ad5 100644 --- a/modules/auth/site/mail_templates/account_activation_confirmation.html +++ b/modules/auth/site/mail_templates/account_activation_confirmation.html @@ -2,13 +2,13 @@ - Activation + Activation Confirmation - + -

Your account has been confirmed ROC CMS $email

+

Your account has been confirmed $sitename $email

Thank you for joining us.

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_new_password.html b/modules/auth/site/mail_templates/account_new_password.html index ad2792d..0ad6560 100644 --- a/modules/auth/site/mail_templates/account_new_password.html +++ b/modules/auth/site/mail_templates/account_new_password.html @@ -4,11 +4,11 @@ New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to genereate a new password:

diff --git a/modules/auth/site/mail_templates/account_re_activation.html b/modules/auth/site/mail_templates/account_re_activation.html index 3590804..fe3403c 100644 --- a/modules/auth/site/mail_templates/account_re_activation.html +++ b/modules/auth/site/mail_templates/account_re_activation.html @@ -4,11 +4,11 @@ New Activation - + -

You have request a new activation token at ROC CMS

+

You have request a new activation token at $sitename

To complete your registration, please click on this link to activate your account:

diff --git a/modules/auth/site/mail_templates/account_rejected.html b/modules/auth/site/mail_templates/account_rejected.html index 9cefb80..e4811a2 100644 --- a/modules/auth/site/mail_templates/account_rejected.html +++ b/modules/auth/site/mail_templates/account_rejected.html @@ -2,12 +2,12 @@ - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_welcome.html b/modules/auth/site/mail_templates/account_welcome.html index facecee..b2b8d04 100644 --- a/modules/auth/site/mail_templates/account_welcome.html +++ b/modules/auth/site/mail_templates/account_welcome.html @@ -4,10 +4,10 @@ Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/modules/auth/site/mail_templates/account_evaluation.html b/modules/auth/site/mail_templates/admin_account_evaluation.html similarity index 75% rename from modules/auth/site/mail_templates/account_evaluation.html rename to modules/auth/site/mail_templates/admin_account_evaluation.html index 002292d..e626446 100644 --- a/modules/auth/site/mail_templates/account_evaluation.html +++ b/modules/auth/site/mail_templates/admin_account_evaluation.html @@ -4,12 +4,12 @@ Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site ROC CMS

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -17,10 +17,10 @@

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

diff --git a/modules/auth/site/scripts/auth_temp_users.tpl b/modules/auth/site/scripts/auth_temp_users.tpl index 14d42f6..d06c641 100644 --- a/modules/auth/site/scripts/auth_temp_users.tpl +++ b/modules/auth/site/scripts/auth_temp_users.tpl @@ -1,7 +1,7 @@ DROP TABLE IF EXISTS "auth_temp_users"; CREATE TABLE `auth_temp_users` ( - `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, `password` VARCHAR(100) NOT NULL, `salt` VARCHAR(100) NOT NULL, diff --git a/modules/auth/site/templates/block_register.tpl b/modules/auth/site/templates/block_register.tpl index e55b7b1..39104ef 100644 --- a/modules/auth/site/templates/block_register.tpl +++ b/modules/auth/site/templates/block_register.tpl @@ -21,10 +21,10 @@ {/if}
- - + {if isset="$error_application"} {$error_application/}
{/if} diff --git a/modules/oauth20/cms_oauth_20_module.e b/modules/oauth20/cms_oauth_20_module.e index 7cf6bab..7687548 100644 --- a/modules/oauth20/cms_oauth_20_module.e +++ b/modules/oauth20/cms_oauth_20_module.e @@ -493,7 +493,7 @@ feature -- OAuth2 Login with Provider -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle_callback_oauth: send_contact_welcome_email") - es.send_contact_welcome_email (l_email, "") + es.send_contact_welcome_email (l_email, "", req.absolute_script_url ("")) end end r.set_redirection (r.front_page_url) diff --git a/modules/openid/cms_openid_module.e b/modules/openid/cms_openid_module.e index cc84735..aa42bab 100644 --- a/modules/openid/cms_openid_module.e +++ b/modules/openid/cms_openid_module.e @@ -443,7 +443,7 @@ feature -- Openid Login -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle_callback_openid: send_contact_welcome_email") - es.send_contact_welcome_email (l_email, "") + es.send_contact_welcome_email (l_email, "", req.absolute_script_url ("")) end end r.set_redirection (r.front_page_url) diff --git a/src/persistence/user/cms_user_storage_i.e b/src/persistence/user/cms_user_storage_i.e index 958eca3..ca7967c 100644 --- a/src/persistence/user/cms_user_storage_i.e +++ b/src/persistence/user/cms_user_storage_i.e @@ -104,12 +104,6 @@ feature -- Change: user deferred end - new_user_from_temporal_user (a_user: CMS_USER) - require - no_id: not a_user.has_id - deferred - end - update_user (a_user: CMS_USER) -- Save user `a_user'. require diff --git a/src/persistence/user/cms_user_storage_sql_i.e b/src/persistence/user/cms_user_storage_sql_i.e index 16129c0..e0c7d7f 100644 --- a/src/persistence/user/cms_user_storage_sql_i.e +++ b/src/persistence/user/cms_user_storage_sql_i.e 
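Review bot: The new third argument `req.absolute_script_url ("")` in `handle_callback_oauth` takes the site URL for the welcome mail from the current request. If that URL is derived from the client-supplied Host header (not visible here), any link the mail builds from it follows whatever host the request named. A configured site URL would remove the dependency on request data; if the request-derived value is kept, a comment such as `-- NOTE: base URL comes from the request; the front end must pin the Host header` records the assumption. The same call is added in `handle_callback_openid` in `cms_openid_module.e`, and both handlers start and end outside their hunks.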
@@ -198,45 +198,6 @@ feature -- Access: user end feature -- Change: user - new_user_from_temporal_user (a_user: CMS_USER) - -- Add a new user `a_user'. - local - l_parameters: STRING_TABLE [detachable ANY] - do - error_handler.reset - if - attached a_user.hashed_password as l_password_hash and then - attached a_user.email as l_email and then - attached a_user.salt as l_password_salt - then - sql_begin_transaction - - write_information_log (generator + ".new_user") - create l_parameters.make (4) - l_parameters.put (a_user.name, "name") - l_parameters.put (l_password_hash, "password") - l_parameters.put (l_password_salt, "salt") - l_parameters.put (l_email, "email") - l_parameters.put (create {DATE_TIME}.make_now_utc, "created") - l_parameters.put (a_user.status, "status") - - sql_insert (sql_insert_user, l_parameters) - if not error_handler.has_error then - a_user.set_id (last_inserted_user_id) - update_user_roles (a_user) - end - if not error_handler.has_error then - sql_commit_transaction - else - sql_rollback_transaction - end - sql_finalize - else - -- set error - error_handler.add_custom_error (-1, "bad request" , "Missing password or email") - end - end - new_user (a_user: CMS_USER) -- Add a new user `a_user'. local diff --git a/src/service/user/cms_user_api.e b/src/service/user/cms_user_api.e index 36f1e47..76ba365 100644 --- a/src/service/user/cms_user_api.e +++ b/src/service/user/cms_user_api.e 
@@ -260,26 +260,6 @@ feature -- Change User end end - new_user_from_temporal_user (a_user: CMS_USER) - -- Add a new user `a_user'. - require - no_id: not a_user.has_id - has_hashed_password: a_user.hashed_password /= Void - has_sal: a_user.salt /= Void - do - reset_error - if - attached a_user.hashed_password as l_password and then - attached a_user.salt as l_salt and then - attached a_user.email as l_email - then - storage.new_user (a_user) - error_handler.append (storage.error_handler) - else - error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") - end - end - update_user (a_user: CMS_USER) -- Update user `a_user'. require From 0cf6e59a7608b2fe605e128bf6a348b680ded6c4 Mon Sep 17 00:00:00 2001 
From: jvelilla Date: Fri, 8 Jan 2016 20:26:34 -0300 Subject: [PATCH 4/8] Updated templates and fixed typos. Renamed classes --- .../mail_templates/account_new_password.html | 2 +- .../auth/mail_templates/account_welcome.html | 2 +- .../admin_account_evaluation.html | 2 +- .../modules/auth/scripts/auth_temp_users.sql | 6 ++--- .../block_admin_pending_registrations.tpl | 21 ++++++++++++++++ ..._authentication_email_service_parameters.e | 2 +- modules/auth/cms_authentication_module.e | 24 +++++++++---------- ...ms_user_temp_api.e => cms_temp_user_api.e} | 14 +++++------ .../{cms_temporal_user.e => cms_temp_user.e} | 4 ++-- ..._storage_i.e => cms_temp_user_storage_i.e} | 10 ++++---- ...ge_null.e => cms_temp_user_storage_null.e} | 16 ++++++------- ...rage_sql.e => cms_temp_user_storage_sql.e} | 18 +++++++------- .../mail_templates/account_new_password.html | 2 +- .../site/mail_templates/account_welcome.html | 2 +- .../admin_account_evaluation.html | 2 +- .../auth/site/scripts/auth_temp_users.sql | 4 ++-- modules/auth/site/scripts/auth_temp_users.tpl | 13 ---------- .../block_admin_pending_registrations.tpl | 21 ++++++++++++++++ 18 files changed, 97 insertions(+), 68 deletions(-) create mode 100644 examples/demo/site/modules/auth/templates/block_admin_pending_registrations.tpl rename modules/auth/{cms_user_temp_api.e => cms_temp_user_api.e} (90%) rename modules/auth/model/{cms_temporal_user.e => cms_temp_user.e} (90%) rename modules/auth/persistence/{cms_temporal_user_storage_i.e => cms_temp_user_storage_i.e} (92%) rename modules/auth/persistence/{cms_temporal_user_storage_null.e => cms_temp_user_storage_null.e} (76%) rename modules/auth/persistence/{cms_temporal_user_storage_sql.e => cms_temp_user_storage_sql.e} (96%) rename examples/demo/site/modules/auth/scripts/auth_temp_users.tpl => modules/auth/site/scripts/auth_temp_users.sql (88%) delete mode 100644 modules/auth/site/scripts/auth_temp_users.tpl create mode 100644 
modules/auth/site/templates/block_admin_pending_registrations.tpl diff --git a/examples/demo/site/modules/auth/mail_templates/account_new_password.html b/examples/demo/site/modules/auth/mail_templates/account_new_password.html index 0ad6560..ed5f4f4 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_new_password.html +++ b/examples/demo/site/modules/auth/mail_templates/account_new_password.html @@ -10,7 +10,7 @@

You have required a new password at $sitename

-

To complete your request, please click on this link to genereate a new password:

+

To complete your request, please click on this link to generate a new password:

$link

diff --git a/examples/demo/site/modules/auth/mail_templates/account_welcome.html b/examples/demo/site/modules/auth/mail_templates/account_welcome.html index b2b8d04..7371013 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_welcome.html +++ b/examples/demo/site/modules/auth/mail_templates/account_welcome.html @@ -7,7 +7,7 @@ -

Welcome to$sitename

+

Welcome to $sitename

Thank you for joining us.

diff --git a/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html index e626446..dcecbac 100644 --- a/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html +++ b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html @@ -11,7 +11,7 @@

Account Evaluation

The user $user ($email) wants to register to the site $sitename

-

This is his/her application.

+

User application:

$application

diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_users.sql b/examples/demo/site/modules/auth/scripts/auth_temp_users.sql index 14d42f6..25ad9b5 100644 --- a/examples/demo/site/modules/auth/scripts/auth_temp_users.sql +++ b/examples/demo/site/modules/auth/scripts/auth_temp_users.sql @@ -1,7 +1,5 @@ - -DROP TABLE IF EXISTS "auth_temp_users"; CREATE TABLE `auth_temp_users` ( - `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, `password` VARCHAR(100) NOT NULL, `salt` VARCHAR(100) NOT NULL, @@ -11,3 +9,5 @@ CREATE TABLE `auth_temp_users` ( UNIQUE(`name`) ); + + diff --git a/examples/demo/site/modules/auth/templates/block_admin_pending_registrations.tpl b/examples/demo/site/modules/auth/templates/block_admin_pending_registrations.tpl new file mode 100644 index 0000000..cfc3d90 --- /dev/null +++ b/examples/demo/site/modules/auth/templates/block_admin_pending_registrations.tpl @@ -0,0 +1,21 @@ +

Listing 4 Pending Registrations

+
    +
  • +
      +
    • + Javier - javier@testing +
    • +
    • + Software Developer +
    • + +
    • + activate +
    • +
    • + reject +
    • + +
    +
  • +
diff --git a/modules/auth/cms_authentication_email_service_parameters.e b/modules/auth/cms_authentication_email_service_parameters.e index efcf557..9898ceb 100644 --- a/modules/auth/cms_authentication_email_service_parameters.e +++ b/modules/auth/cms_authentication_email_service_parameters.e @@ -108,7 +108,7 @@ feature -- Access -- Contact email. site_name: IMMUTABLE_STRING_8 - -- Site name. + -- UTF-8 encoded Site name. contact_subject_account_evaluation: IMMUTABLE_STRING_8 contact_subject_register: IMMUTABLE_STRING_8 diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index 76cd1d5..f6dcda7 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -91,16 +91,16 @@ feature {CMS_API} -- Module Initialization -- local l_auth_api: like auth_api - l_user_auth_storage: CMS_TEMPORAL_USER_STORAGE_I + l_user_auth_storage: CMS_TEMP_USER_STORAGE_I do Precursor (a_api) -- Storage initialization if attached a_api.storage.as_sql_storage as l_storage_sql then - create {CMS_TEMPORAL_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) + create {CMS_TEMP_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) else -- FIXME: in case of NULL storage, should Current be disabled? - create {CMS_TEMPORAL_USER_STORAGE_NULL} l_user_auth_storage + create {CMS_TEMP_USER_STORAGE_NULL} l_user_auth_storage end -- API initialization @@ -128,7 +128,7 @@ feature {CMS_API} -- Module Initialization feature {CMS_API} -- Access: API - auth_api: detachable CMS_USER_TEMP_API + auth_api: detachable CMS_TEMP_USER_API -- feature -- Router @@ -252,7 +252,7 @@ feature -- Handler local r: CMS_RESPONSE l_user_api: CMS_USER_API - u: CMS_TEMPORAL_USER + u: CMS_TEMP_USER l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE l_url_activate: STRING 
@@ -337,19 +337,19 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account activate") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + if attached {CMS_TEMP_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then -- TODO copy the personal information --! to CMS_USER_PROFILE and persist data --! check also CMS_USER.data_items -- Delete temporal User - l_auth_api.delete_temporary_user (l_user) + l_auth_api.delete_temp_user (l_user) -- Valid user_id l_user.set_id (0) l_user.mark_active - l_auth_api.new_user_from_temporal_user (l_user) + l_auth_api.new_user_from_temp_user (l_user) l_auth_api.remove_activation (l_token.value) r.set_main_content ("

The account " + l_user.name + " has been activated

") -- Send Email @@ -388,8 +388,8 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account reject") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - l_auth_api.delete_temporary_user (l_user) + if attached {CMS_TEMP_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + l_auth_api.delete_temp_user (l_user) r.set_main_content ("
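Review bot: In the activation branch `l_auth_api.delete_temp_user (l_user)` runs before `l_auth_api.new_user_from_temp_user (l_user)` with no error check between them, so if the insert into `users` fails the application is already gone and the handler still goes on to `remove_activation` and the success message. Creating the real account first, and deleting the temporary row and the token only when the API reports no error, would keep the application recoverable; the temporary uid has to be kept aside because `l_user.set_id (0)` is needed before the insert. Until that is done, a comment such as `-- FIXME: temp user is deleted before the real user is stored; a failed insert loses the application` would flag it. The handler starts and ends outside the hunk, so any transaction wrapped around these calls is not visible.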

The temporal account for " + l_user.name + " has been removed

") -- Send Email if attached l_user.email as l_email then @@ -432,7 +432,7 @@ feature -- Handler if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("email") as l_email then l_user_api := api.user_api - if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then + if attached {CMS_TEMP_USER} l_auth_api.user_by_email (l_email.value) as l_user then -- User exist create a new token and send a new email. if l_user.is_active then r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") @@ -593,7 +593,7 @@ feature -- Handler local l_response: CMS_RESPONSE s: STRING - u: CMS_TEMPORAL_USER + u: CMS_TEMP_USER l_page_helper: CMS_PAGINATION_GENERATOR s_pager: STRING l_count: INTEGER diff --git a/modules/auth/cms_user_temp_api.e b/modules/auth/cms_temp_user_api.e similarity index 90% rename from modules/auth/cms_user_temp_api.e rename to modules/auth/cms_temp_user_api.e index 94831a6..99fc981 100644 --- a/modules/auth/cms_user_temp_api.e +++ b/modules/auth/cms_temp_user_api.e @@ -4,7 +4,7 @@ note revision: "$Revision$" class - CMS_USER_TEMP_API + CMS_TEMP_USER_API inherit CMS_MODULE_API @@ -16,7 +16,7 @@ create {CMS_AUTHENTICATION_MODULE} feature {NONE} -- Initialization - make_with_storage (a_api: CMS_API; a_auth_storage: CMS_TEMPORAL_USER_STORAGE_I) + make_with_storage (a_api: CMS_API; a_auth_storage: CMS_TEMP_USER_STORAGE_I) -- Create an object with api `a_api' and storage `a_auth_storage'. do auth_storage := a_auth_storage @@ -52,7 +52,7 @@ feature -- Access Result := auth_storage.user_by_activation_token (a_token) end - recent_users (params: CMS_DATA_QUERY_PARAMETERS): ITERABLE [CMS_TEMPORAL_USER] + recent_users (params: CMS_DATA_QUERY_PARAMETERS): ITERABLE [CMS_TEMP_USER] -- List of the `a_rows' most recent users starting from `a_offset'. do Result := auth_storage.recent_users (params.offset.to_integer_32, params.size.to_integer_32) 
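Review bot: `l_user.name` is concatenated unescaped into the markup passed to `r.set_main_content` in the reject branch, and the activation branch in the hunk at -337 does the same. The name was chosen by the applicant on the registration form, so unless `set_main_content` encodes its argument (not visible here), markup in a name is rendered in the session of the administrator who holds the "account reject" or "account activate" permission. Encode the value where it is inserted, for example `" + html_encoded (l_user.name) + "` if the CMS HTML encoder is in scope in this class. The handler starts and ends outside the hunk.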
@@ -65,7 +65,7 @@ feature -- Access feature -- Temp User - new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + new_user_from_temp_user (a_user: CMS_TEMP_USER) -- Add a new user `a_user'. require no_id: not a_user.has_id @@ -85,7 +85,7 @@ feature -- Temp User end end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_TEMP_USER) -- Add a new user `a_user'. require no_id: not a_user.has_id @@ -109,7 +109,7 @@ feature -- Temp User auth_storage.remove_activation (a_token) end - delete_temporary_user (a_user: CMS_USER) + delete_temp_user (a_user: CMS_TEMP_USER) -- Delete user `a_user'. require has_id: a_user.has_id @@ -121,7 +121,7 @@ feature -- Temp User feature {CMS_MODULE} -- Access: User auth storage. - auth_storage: CMS_TEMPORAL_USER_STORAGE_I + auth_storage: CMS_TEMP_USER_STORAGE_I -- storage interface. end diff --git a/modules/auth/model/cms_temporal_user.e b/modules/auth/model/cms_temp_user.e similarity index 90% rename from modules/auth/model/cms_temporal_user.e rename to modules/auth/model/cms_temp_user.e index b2605a3..59101af 100644 --- a/modules/auth/model/cms_temporal_user.e +++ b/modules/auth/model/cms_temp_user.e @@ -1,10 +1,10 @@ note - description: "Summary description for {CMS_TEMPORAL_USER}." + description: "Summary description for {CMS_TEMP_USER}." date: "$Date$" revision: "$Revision$" class - CMS_TEMPORAL_USER + CMS_TEMP_USER inherit diff --git a/modules/auth/persistence/cms_temporal_user_storage_i.e b/modules/auth/persistence/cms_temp_user_storage_i.e similarity index 92% rename from modules/auth/persistence/cms_temporal_user_storage_i.e rename to modules/auth/persistence/cms_temp_user_storage_i.e index 6b2f43a..d5aece1 100644 --- a/modules/auth/persistence/cms_temporal_user_storage_i.e +++ b/modules/auth/persistence/cms_temp_user_storage_i.e @@ -6,7 +6,7 @@ note revision: "$Revision$" deferred class - CMS_TEMPORAL_USER_STORAGE_I + CMS_TEMP_USER_STORAGE_I inherit SHARED_LOGGER 
@@ -57,7 +57,7 @@ feature -- Access: Users password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end - recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMP_USER] -- List of recent `a_count' temporal users with an offset of `lower'. deferred end @@ -71,7 +71,7 @@ feature -- Access: Users feature -- New Temp User - new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + new_user_from_temporal_user (a_user: CMS_TEMP_USER) -- new user from temporal user `a_user' require no_id: not a_user.has_id @@ -83,14 +83,14 @@ feature -- New Temp User deferred end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_TEMP_USER) -- New temp user `a_user'. require no_id: not a_user.has_id deferred end - delete_user (a_user: CMS_USER) + delete_user (a_user: CMS_TEMP_USER) -- Delete user `a_user'. require has_id: a_user.has_id diff --git a/modules/auth/persistence/cms_temporal_user_storage_null.e b/modules/auth/persistence/cms_temp_user_storage_null.e similarity index 76% rename from modules/auth/persistence/cms_temporal_user_storage_null.e rename to modules/auth/persistence/cms_temp_user_storage_null.e index 39292ca..6b7a834 100644 --- a/modules/auth/persistence/cms_temporal_user_storage_null.e +++ b/modules/auth/persistence/cms_temp_user_storage_null.e @@ -1,14 +1,14 @@ note - description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_NULL}." + description: "Summary description for {CMS_TEMP_USER_STORAGE_NULL}." date: "$Date$" revision: "$Revision$" class - CMS_TEMPORAL_USER_STORAGE_NULL + CMS_TEMP_USER_STORAGE_NULL inherit - CMS_TEMPORAL_USER_STORAGE_I + CMS_TEMP_USER_STORAGE_I feature -- Error handler 
@@ -46,10 +46,10 @@ feature -- Access: Users do end - recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMP_USER] -- List of recent `a_count' temporal users with an offset of `lower'. do - create {ARRAYED_LIST[CMS_TEMPORAL_USER]} Result.make (0) + create {ARRAYED_LIST[CMS_TEMP_USER]} Result.make (0) end token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING @@ -59,7 +59,7 @@ feature -- Access: Users feature -- Temp Users - new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + new_user_from_temporal_user (a_user: CMS_TEMP_USER) -- do end @@ -70,12 +70,12 @@ feature -- Temp Users do end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_TEMP_USER) -- do end - delete_user (a_user: CMS_USER) + delete_user (a_user: CMS_TEMP_USER) -- do end diff --git a/modules/auth/persistence/cms_temporal_user_storage_sql.e b/modules/auth/persistence/cms_temp_user_storage_sql.e similarity index 96% rename from modules/auth/persistence/cms_temporal_user_storage_sql.e rename to modules/auth/persistence/cms_temp_user_storage_sql.e index a6244ff..699dfcd 100644 --- a/modules/auth/persistence/cms_temporal_user_storage_sql.e +++ b/modules/auth/persistence/cms_temp_user_storage_sql.e @@ -1,13 +1,13 @@ note - description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_SQL}." + description: "Summary description for {CMS_TEMP_USER_STORAGE_SQL}." date: "$Date$" revision: "$Revision$" class - CMS_TEMPORAL_USER_STORAGE_SQL + CMS_TEMP_USER_STORAGE_SQL inherit - CMS_TEMPORAL_USER_STORAGE_I + CMS_TEMP_USER_STORAGE_I CMS_PROXY_STORAGE_SQL 
@@ -113,12 +113,12 @@ feature -- Access User sql_finalize end - recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMP_USER] -- local l_parameters: STRING_TABLE [detachable ANY] do - create {ARRAYED_LIST [CMS_TEMPORAL_USER]} Result.make (0) + create {ARRAYED_LIST [CMS_TEMP_USER]} Result.make (0) error_handler.reset write_information_log (generator + ".recent_users") @@ -162,7 +162,7 @@ feature -- Access User feature {NONE} -- Implementation: User - fetch_user: detachable CMS_TEMPORAL_USER + fetch_user: detachable CMS_TEMP_USER local l_id: INTEGER_64 l_name: detachable READABLE_STRING_32 @@ -204,7 +204,7 @@ feature {NONE} -- Implementation: User feature -- New Temp User - new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + new_user_from_temporal_user (a_user: CMS_TEMP_USER) -- local l_parameters: STRING_TABLE [detachable ANY] @@ -242,7 +242,7 @@ feature -- New Temp User end end - new_temp_user (a_user: CMS_TEMPORAL_USER) + new_temp_user (a_user: CMS_TEMP_USER) -- Add a new temp_user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] @@ -301,7 +301,7 @@ feature -- Remove Activation sql_finalize end - delete_user (a_user: CMS_USER) + delete_user (a_user: CMS_TEMP_USER) -- Delete user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] diff --git a/modules/auth/site/mail_templates/account_new_password.html b/modules/auth/site/mail_templates/account_new_password.html index 0ad6560..ed5f4f4 100644 --- a/modules/auth/site/mail_templates/account_new_password.html +++ b/modules/auth/site/mail_templates/account_new_password.html @@ -10,7 +10,7 @@

You have required a new password at $sitename

-

To complete your request, please click on this link to genereate a new password:

+

To complete your request, please click on this link to generate a new password:

$link

diff --git a/modules/auth/site/mail_templates/account_welcome.html b/modules/auth/site/mail_templates/account_welcome.html index b2b8d04..7371013 100644 --- a/modules/auth/site/mail_templates/account_welcome.html +++ b/modules/auth/site/mail_templates/account_welcome.html @@ -7,7 +7,7 @@ -

Welcome to$sitename

+

Welcome to $sitename

Thank you for joining us.

diff --git a/modules/auth/site/mail_templates/admin_account_evaluation.html b/modules/auth/site/mail_templates/admin_account_evaluation.html index e626446..dcecbac 100644 --- a/modules/auth/site/mail_templates/admin_account_evaluation.html +++ b/modules/auth/site/mail_templates/admin_account_evaluation.html @@ -11,7 +11,7 @@

Account Evaluation

The user $user ($email) wants to register to the site $sitename

-

This is his/her application.

+

User application:

$application

diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl b/modules/auth/site/scripts/auth_temp_users.sql similarity index 88% rename from examples/demo/site/modules/auth/scripts/auth_temp_users.tpl rename to modules/auth/site/scripts/auth_temp_users.sql index d06c641..25ad9b5 100644 --- a/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl +++ b/modules/auth/site/scripts/auth_temp_users.sql @@ -1,5 +1,3 @@ - -DROP TABLE IF EXISTS "auth_temp_users"; CREATE TABLE `auth_temp_users` ( `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, @@ -11,3 +9,5 @@ CREATE TABLE `auth_temp_users` ( UNIQUE(`name`) ); + + diff --git a/modules/auth/site/scripts/auth_temp_users.tpl b/modules/auth/site/scripts/auth_temp_users.tpl deleted file mode 100644 index d06c641..0000000 --- a/modules/auth/site/scripts/auth_temp_users.tpl +++ /dev/null @@ -1,13 +0,0 @@ - -DROP TABLE IF EXISTS "auth_temp_users"; -CREATE TABLE `auth_temp_users` ( - `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, - `name` VARCHAR(100) NOT NULL, - `password` VARCHAR(100) NOT NULL, - `salt` VARCHAR(100) NOT NULL, - `email` VARCHAR(250) NOT NULL, - `application` TEXT NOT NULL, - CONSTRAINT `name` - UNIQUE(`name`) -); - diff --git a/modules/auth/site/templates/block_admin_pending_registrations.tpl b/modules/auth/site/templates/block_admin_pending_registrations.tpl new file mode 100644 index 0000000..cfc3d90 --- /dev/null +++ b/modules/auth/site/templates/block_admin_pending_registrations.tpl @@ -0,0 +1,21 @@ +

Listing 4 Pending Registrations

+
    +
  • +
      +
    • + Javier - javier@testing +
    • +
    • + Software Developer +
    • + +
    • + activate +
    • +
    • + reject +
    • + +
    +
  • +
From f244e86f13ff9bf13df88aa435903d6704d40a86 Mon Sep 17 00:00:00 2001 From: jvelilla Date: Tue, 12 Jan 2016 09:34:39 -0300 Subject: [PATCH 5/8] Updated user.sql added tabled auth_temp_users. Added CMS_TEMP_USER as part of the core. Moved the code from CMS_TEMP_USER_API and CMS_TEMP_USER_STORAGE_* to CMS_USER_API and CMS_USER_STORAGE_*. --- examples/demo/site/scripts/user.sql | 15 + .../model/src/user}/cms_temp_user.e | 0 library/persistence/mysql/scripts/user.sql | 10 + modules/auth/auth-safe.ecf | 28 +- modules/auth/cms_authentication_module.e | 237 ++++------- modules/auth/cms_temp_user_api.e | 127 ------ .../persistence/cms_temp_user_storage_i.e | 100 ----- .../persistence/cms_temp_user_storage_null.e | 84 ---- .../persistence/cms_temp_user_storage_sql.e | 388 ----------------- src/persistence/user/cms_user_storage_i.e | 85 +++- src/persistence/user/cms_user_storage_null.e | 69 ++- src/persistence/user/cms_user_storage_sql_i.e | 395 ++++++++++++++++-- src/service/user/cms_user_api.e | 100 ++++- 13 files changed, 724 insertions(+), 914 deletions(-) rename {modules/auth/model => library/model/src/user}/cms_temp_user.e (100%) delete mode 100644 modules/auth/cms_temp_user_api.e delete mode 100644 modules/auth/persistence/cms_temp_user_storage_i.e delete mode 100644 modules/auth/persistence/cms_temp_user_storage_null.e delete mode 100644 modules/auth/persistence/cms_temp_user_storage_sql.e diff --git a/examples/demo/site/scripts/user.sql b/examples/demo/site/scripts/user.sql index 03c7166..161642d 100644 --- a/examples/demo/site/scripts/user.sql +++ b/examples/demo/site/scripts/user.sql 
@@ -46,3 +46,18 @@ CREATE TABLE `users_password_recovery` ( CONSTRAINT `token` UNIQUE (`token`) ); + +CREATE TABLE `auth_temp_users` ( + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); + + + + diff --git a/modules/auth/model/cms_temp_user.e b/library/model/src/user/cms_temp_user.e similarity index 100% rename from modules/auth/model/cms_temp_user.e rename to library/model/src/user/cms_temp_user.e diff --git a/library/persistence/mysql/scripts/user.sql b/library/persistence/mysql/scripts/user.sql index e99072a..ea02092 100644 --- a/library/persistence/mysql/scripts/user.sql +++ b/library/persistence/mysql/scripts/user.sql @@ -61,6 +61,16 @@ CREATE TABLE `users_password_recovery` ( UNIQUE KEY `token` (`token`) ); +CREATE TABLE `auth_temp_users` ( + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); COMMIT; \ No newline at end of file diff --git a/modules/auth/auth-safe.ecf b/modules/auth/auth-safe.ecf index 29c2183..f8a1864 100644 --- a/modules/auth/auth-safe.ecf +++ b/modules/auth/auth-safe.ecf @@ -1,35 +1,35 @@ - + /.git$ - /EIFGENs$ /.svn$ + /EIFGENs$ - + + + + + + - - - - - - - - - - - + + + ^persistence$ + + diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index f6dcda7..399cba7 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -9,14 +9,9 @@ class inherit CMS_MODULE - rename - module_api as auth_api redefine setup_hooks, - permissions, - initialize, - install, - auth_api + permissions end CMS_HOOK_AUTO_REGISTER 
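Review bot: The new `auth_temp_users` table enforces uniqueness only on `name`, while the register handler in cms_authentication_module.e rejects a duplicate pending e-mail with a read-then-insert check (`temp_user_by_email`), so two concurrent submissions can both pass it. A second constraint on the `email` column, next to the existing `UNIQUE` on `name`, would let the database enforce what the handler assumes. The same applies to the identical table added in library/persistence/mysql/scripts/user.sql in the following hunk. The table also has no creation-time column, so pending rows holding `password` and `salt` values cannot be aged out if nobody reviews them.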
@@ -85,52 +80,6 @@ feature -- Access: docs Result := cache_duration = 0 end -feature {CMS_API} -- Module Initialization - - initialize (a_api: CMS_API) - -- - local - l_auth_api: like auth_api - l_user_auth_storage: CMS_TEMP_USER_STORAGE_I - do - Precursor (a_api) - - -- Storage initialization - if attached a_api.storage.as_sql_storage as l_storage_sql then - create {CMS_TEMP_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) - else - -- FIXME: in case of NULL storage, should Current be disabled? - create {CMS_TEMP_USER_STORAGE_NULL} l_user_auth_storage - end - - -- API initialization - create l_auth_api.make_with_storage (a_api, l_user_auth_storage) - auth_api := l_auth_api - ensure then - auth_api_set: auth_api /= Void - end - - install (api: CMS_API) - do - -- Schema - if attached api.storage.as_sql_storage as l_sql_storage then - if not l_sql_storage.sql_table_exists ("auth_temp_users") then - --| Schema - l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void) - if l_sql_storage.has_error then - api.logger.put_error ("Could not initialize database for auth_module", generating_type) - end - end - l_sql_storage.sql_finalize - Precursor {CMS_MODULE} (api) - end - end - -feature {CMS_API} -- Access: API - - auth_api: detachable CMS_TEMP_USER_API - -- - feature -- Router setup_router (a_router: WSF_ROUTER; a_api: CMS_API) 
@@ -261,16 +210,16 @@ feature -- Handler l_captcha_passed: BOOLEAN do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if r.has_permission ("account register") and then attached auth_api as l_auth_api then + if r.has_permission ("account register") then if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("personal_information") as l_personal_information then l_user_api := api.user_api - if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then + if attached l_user_api.user_by_name (l_name.value) or else attached l_user_api.temp_user_by_name (l_name.value) then -- Username already exist. r.set_value ("User name already exists!", "error_name") l_exist := True end - if attached l_user_api.user_by_email (l_email.value) or else attached l_auth_api.user_by_email (l_email.value) then + if attached l_user_api.user_by_email (l_email.value) or else attached l_user_api.temp_user_by_email (l_email.value) then -- Emails already exist. r.set_value ("An account is already associated with that email address!", "error_email") l_exist := True @@ -293,7 +242,7 @@ feature -- Handler u.set_email (l_email.value) u.set_password (l_password.value) u.set_personal_information (l_personal_information.value) - l_auth_api.new_temp_user (u) + l_user_api.new_temp_user (u) -- Create activation token l_token := new_token 
@@ -332,49 +281,44 @@ feature -- Handler l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE es: CMS_AUTHENTICATON_EMAIL_SERVICE do - if attached auth_api as l_auth_api then - l_user_api := api.user_api - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if r.has_permission ("account activate") then - if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_TEMP_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + l_user_api := api.user_api + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if r.has_permission ("account activate") then + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + if attached {CMS_TEMP_USER} l_user_api.temp_user_by_activation_token (l_token.value) as l_user then - -- TODO copy the personal information - --! to CMS_USER_PROFILE and persist data - --! check also CMS_USER.data_items + -- TODO copy the personal information + --! to CMS_USER_PROFILE and persist data + --! check also CMS_USER.data_items - -- Delete temporal User - l_auth_api.delete_temp_user (l_user) + -- Delete temporal User + l_user_api.delete_temp_user (l_user) - -- Valid user_id - l_user.set_id (0) - l_user.mark_active - l_auth_api.new_user_from_temp_user (l_user) - l_auth_api.remove_activation (l_token.value) - r.set_main_content ("

The account " + l_user.name + " has been activated

") - -- Send Email - if attached l_user.email as l_email then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") - es.send_contact_activation_confirmation_email (l_email, "", req.absolute_script_url ("")) - end - else - -- the token does not exist, or it was already used. - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_main_content ("

The token " + l_token.value + " is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") + -- Valid user_id + l_user.set_id (0) + l_user.mark_active + l_user_api.new_user_from_temp_user (l_user) + l_user_api.remove_activation (l_token.value) + r.set_main_content ("

The account " + l_user.name + " has been activated

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") + es.send_contact_activation_confirmation_email (l_email, "", req.absolute_script_url ("")) end - r.execute else - create l_ir.make (req, res, api) - l_ir.execute + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value + " is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") end - else - create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) r.execute + else + create l_ir.make (req, res, api) + l_ir.execute end else - create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) - r.execute + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute end end @@ -383,36 +327,33 @@ feature -- Handler r: CMS_RESPONSE l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE es: CMS_AUTHENTICATON_EMAIL_SERVICE + l_user_api: CMS_USER_API do - if attached auth_api as l_auth_api then - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if r.has_permission ("account reject") then - if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_TEMP_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - l_auth_api.delete_temp_user (l_user) - r.set_main_content ("
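Review bot: Both `set_main_content` calls in this handler build HTML by concatenating request-derived text. `l_token.value` is taken from the URL path and echoed in the "is not valid" message, and `l_user.name` is whatever the applicant entered on the registration form. Unless `set_main_content` encodes its argument, which is not visible here, markup in either value is rendered in the browser of whoever opens the link. Encode both values before concatenation (EWF provides `HTML_ENCODER`), or leave the token out of the error message. The reject handler in the next hunk has the same two concatenations, and the feature's signature lies outside this hunk.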

The temporal account for " + l_user.name + " has been removed

") - -- Send Email - if attached l_user.email as l_email then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_contact_activation_reject_email") - es.send_contact_activation_reject_email (l_email, "", req.absolute_script_url ("")) - end - else - -- the token does not exist, or it was already used. - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_main_content ("

The token " + l_token.value + " is not valid ") + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if r.has_permission ("account reject") then + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + l_user_api := api.user_api + if attached {CMS_TEMP_USER} l_user_api.temp_user_by_activation_token (l_token.value) as l_user then + l_user_api.delete_temp_user (l_user) + r.set_main_content ("

The temporal account for " + l_user.name + " has been removed

") + -- Send Email + if attached l_user.email as l_email then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_reject_email") + es.send_contact_activation_reject_email (l_email, "", req.absolute_script_url ("")) end - r.execute else - create l_ir.make (req, res, api) - l_ir.execute + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value + " is not valid ") end - else - create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) r.execute + else + create l_ir.make (req, res, api) + l_ir.execute end else - create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) r.execute end end 
@@ -426,43 +367,38 @@ feature -- Handler l_url_activate: STRING l_url_reject: STRING do - if attached auth_api as l_auth_api then - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if r.has_permission ("account reactivate") then - if req.is_post_request_method then - if attached {WSF_STRING} req.form_parameter ("email") as l_email then - l_user_api := api.user_api - if attached {CMS_TEMP_USER} l_auth_api.user_by_email (l_email.value) as l_user then - -- User exist create a new token and send a new email. - if l_user.is_active then - r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") - r.set_status_code ({HTTP_CONSTANTS}.bad_request) - else - l_token := new_token - l_user_api.new_activation (l_token, l_user.id) - l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) - l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) - - -- Send Email to webmaster - if attached l_user.personal_information as l_personal_information then - create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) - write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url ("")) - end - end - else - r.set_value ("The email does not exist or !", "error_email") - r.set_value (l_email.value, "email") + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if r.has_permission ("account reactivate") then + if req.is_post_request_method then + if attached {WSF_STRING} req.form_parameter ("email") as l_email then + l_user_api := api.user_api + if attached {CMS_TEMP_USER} l_user_api.temp_user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. 
+ if l_user.is_active then + r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") r.set_status_code ({HTTP_CONSTANTS}.bad_request) + else + l_token := new_token + l_user_api.new_activation (l_token, l_user.id) + l_url_activate := req.absolute_script_url ("/account/activate/" + l_token) + l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) + -- Send Email to webmaster + if attached l_user.personal_information as l_personal_information then + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_register_email") + es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url ("")) + end end + else + r.set_value ("The email does not exist or !", "error_email") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end - else - create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) - r.execute end else - create {INTERNAL_SERVER_ERROR_CMS_RESPONSE} r.make (req, res, api) + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + r.execute end r.execute end @@ -597,6 +533,7 @@ feature -- Handler l_page_helper: CMS_PAGINATION_GENERATOR s_pager: STRING l_count: INTEGER + l_user_api: CMS_USER_API do -- At the moment the template are hardcoded, but we can -- get them from the configuration file and load them into @@ -604,11 +541,11 @@ feature -- Handler create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api) if - l_response.has_permission ("admin registration") and then - attached auth_api as l_auth_api + l_response.has_permission ("admin registration") then + l_user_api := api.user_api - l_count := l_auth_api.users_count + l_count := l_user_api.temp_users_count create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api) 
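Review bot: Every POST for an address with a pending application calls `new_activation` with a fresh token and mails the webmaster another pair of activate/reject links; nothing in this handler bounds repeats or retires the earlier token, whereas the register handler carries a captcha flag (`l_captcha_passed`). Repeated submissions can therefore generate unbounded mail and a growing set of valid tokens, so consider removing the previous activation before `new_activation` and applying the same captcha or a rate limit here. The unknown-address branch also answers with a distinct message and status 400, which tells the caller whether an address has a pending application. Separately, the forbidden branch now calls `r.execute` and then reaches the unconditional `r.execute` after the `if`, so that response appears to be executed twice; one of the two calls should be dropped.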
@@ -620,7 +557,7 @@ feature -- Handler end create s_pager.make_empty - create l_page_helper.make ("admin/pending-registrations/?page={page}&size={size}", l_auth_api.users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings + create l_page_helper.make ("admin/pending-registrations/?page={page}&size={size}", l_user_api.temp_users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings l_page_helper.get_setting_from_request (req) if l_page_helper.has_upper_limit and then l_page_helper.pages_count > 1 then l_page_helper.append_to_html (l_response, s_pager) @@ -629,7 +566,7 @@ feature -- Handler end end - if attached l_auth_api.recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then + if attached l_user_api.temp_recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then s.append ("