Hello,
It's for an association website. The president of the association proposes to a new member to register to the application.
I want this functionality :
the admin enters the email of the new member in a field
the admin clicks on the send button
the new member receives an email with a link
the new member clicks on the link and is automatically registered on the application, now he is a user
the user is redirected to a form to enter his password and password_confirmation
the user is connected to the application
What's the best way to do that ?
I thought about creating a sign link with a token valid only the a specific email and send this link.
Do you have any other suggestion ?
Tbanks for your answer.
V
Send the new user a secure link, which includes their email address.
When they click the link, send them to a controller that verifies the link and creates a new user record, after first checking that they don't already exist.
Prompt the user to enter a password and password_confirmation then update their record and log them in.
Thats what I would do,
@Snapey Is it a good or a bad idea to store the invitations in the database ?
Hmmm ... What is interesting storing the invitations in the database is to be able to resend manually the invitation if the user hasn't received it.
@vincent15000 It might be useful to show the admin what invitations are outstanding but I don't think it alters the solution.
I prefer not to keep it so that there is less data to worry about with respect to GDPR
@Snapey GDPR is exactly what I thought about too. For the moment I will create a simple signed URL and nothing related to the invitation will be stored in the database.
Please or to participate in this conversation.