|
|
|
|
|
|
by ecesena
1883 days ago
|
|
|
It depends what you’re building :) But in general, always verify. You can let users in with an unverified email (better for growth), but you should still send the email and handle verification. I’ll give you an example. Say you want to add social logins and want avoid duplicated account. You can implement auto linking. I sign up with my email, then I log in with google, if it’s the same email AND I did verify it, then you can auto link. If I didn’t verify my email, you must not. |
|
|