Rethinking User Signup and Confirmation Process
I initially wrote it so that an email is generated with a link back to the site containing a confirmation token. The system compares the token in the link against the token stored in the database. If they match the user is confirmed. If they do not match the user has an option to regenerate a confirmation token and try again. On reviewing the work, I don't think using a link containing the token is the best option. I'm going to rewrite it to use a web form requiring email address, password, and confirmation token. If the tokens match, the user is confirmed and can post. If the user is not, they can generate a new token which will be sent to their email address so they can try again.
I really wish Rails 8 came with this built-in.
I really wish Rails 8 came with this built-in.