We've discussed that we should add a link to the login email so that you don't need to copy and paste the code.
The user should be able to click on the link for something like /verify/:email/:code, but I don't know the next step.
Should the user:
Be automatically logged in and redirected to e.g. Agora
Be asked to return to the previous tab which will now be logged in
Furthermore, we need the email in the link. Perhaps we can take two birds with one stone and do base64.encode(email + code) as a token? Then there won't be any history with the email in the URL.
EDIT: Maybe it's possible to get the email from localStorage, but I'm not sure I like that option.
We've discussed that we should add a link to the login email so that you don't need to copy and paste the code.
The user should be able to click on the link for something like
/verify/:email/:code
, but I don't know the next step.Should the user:
Furthermore, we need the email in the link. Perhaps we can take two birds with one stone and do
base64.encode(email + code)
as atoken
? Then there won't be any history with the email in the URL.EDIT: Maybe it's possible to get the email from localStorage, but I'm not sure I like that option.