|
|
|
|
|
|
by zeveb
3391 days ago
|
|
|
> Whoever decided that email verification was a poor user experience needs to be hit in the head with a shovel after he digs the appropriate sized hole. That's why you get send the verification email first, when creating the application user, and don't do anything until the email is verified. The flow should be: User: Please give me an account; my email address is jim@example.invalid Server: I have sent an email to jim@example.invalid Server → jim@example.invalid: Please go to https://server.invalid/register?token=KDU6dG9rZW4xOWppbUBleG... User: visits URL, completes registration |
|
|