After a user registers, he should receive an email containing a link to activate his account.
Status quo
Currently, there is just the following:
No-Opt
removal only via responsible security administrator
Further development
In any case, the following setting must be configurable in administration section
[ ] Settings page/entry for user confirmation type (None/Double-Opt-In/Double-Opt-Out)
[ ] Confirmation type and step with timestamp must be stored in user profile
Bear in mind
already existing user accounts won't be validated/confirmed without explicit re-validation (administration feature might be another separate feature request)
Imported user accounts (see administration pages >> users >> import users) never start a validation process
Double-Opt-In
[ ] Send E-Mail containing removal link
[ ] After logging in, provide a delete account for the user in navigation >> Your Profile
Double-Opt-Out
(Possible) Todos
[ ] Create/Adjust email templates
[ ] Send E-Mail containing activation link
[ ] Account should remain deactivated until the user opens the activation link
[ ] Indicate in the Administration UI whether a user is deactivated or pending registration.
[ ] Cleanup of accounts that have not been activated within a certian period (e. g. 24 hours)
[ ] Administrator should be able to choose whether to use the current system (account is immediatly activated ) or the new system (activation link).
After a user registers, he should receive an email containing a link to activate his account.
Status quo
Currently, there is just the following:
Further development
In any case, the following setting must be configurable in administration section
Bear in mind
Double-Opt-In
Double-Opt-Out
(Possible) Todos
(To be expanded, also see/review email of KH)