include institution email on registration

[bendichter]

I’ve been reflecting on our current registration workflow for DANDI and have noticed both personal frustration and similar feelings from other users, particularly regarding the integration of GitHub accounts that aren’t linked with .edu email addresses. This often triggers a review process that can be cumbersome for us and frustrating for the users.

Proposed Change: I suggest we implement a more automated verification process on our registration page. Specifically, users could enter a .edu or .gov email address during registration (more can be added as needed). Upon submission, they would receive an email with a verification link. Clicking this link would automatically complete their registration, thus bypassing the need for manual review for these accounts. (the site authentication would not change and would still be under GitHub)

Benefits:

• Efficiency: Reduces the time and resources spent on manual reviews.
• User Experience: Streamlines the process for legitimate researchers, enhancing their initial interaction with DANDI.
• Error Reduction: Minimizes the potential for errors associated with the manual verification process.

For users without a .edu or .gov email: We would continue with the current manual review process. While this remains laborious, it would occur less frequently under the new system, allowing us to allocate resources more effectively.

I believe this adjustment could significantly improve our registration workflow and user satisfaction. I would appreciate your thoughts on this proposal and any feedback you might have.

[bendichter]

Specifically, this would require:

1. Update Registration Form:

   • Add a field for users to enter their institutional email address (.edu, .gov, etc.)
   • Make this field optional, as not all users will have an institutional email
   • Add validation to ensure entered emails are in the correct format

2. Create Email Verification System:

   • Set up an email service to send verification emails (e.g., SendGrid, Mailgun)
   • Upon form submission, if an institutional email was provided:
     • Generate a unique verification link
     • Send an email to the provided address containing this link
   • If no institutional email was provided, proceed with the current manual review process

3. Implement Verification Link Handler:

   • Create a new route in the application to handle verification link clicks
   • When a link is clicked:
     • Check if the link is valid and has not expired
     • If valid, automatically mark the associated user account as verified
     • Redirect the user to a success page or login page

4. Update Manual Review Process:

   • Modify the current manual review process to handle only registrations without institutional emails
   • Ensure admin tools clearly distinguish between automatically verified and pending review accounts

5. Update the handbook accordingly

[waxlamp]

This is a great idea, @bendichter, and a milder version of something I had been toying with in my head. Will take a look at how to implement this.

[kabilar]

Thank you, @waxlamp. Based on our discussions in standup and elsewhere, I think that improving the onboarding workflow with Ben's suggestion above and other GitHub issues would have a high impact on the user experience.