ICEBOX: FEATURE: Require verification of email addresses when a user is self registering

[matthewtomo]

Current Behavior:

• A user can self register with any email address.
• There is no verification step to ensure that the email address belongs to that user.

Potential Concerns:

• This would allow users to register an account with a different person's email address (could be a security concern)
• If a user does not use an email address to which they actually have access, then they can not reset their password if it is forgotten.

Desired behavior:

• [ ] When a user enters an email during the self registration process, they are require to verify their email address.

Acceptance Criteria:

• [ ] We identify how we would like the user to verify their email address in the user flow (one-time-password in the form, clicking link sent to email afterwards, etc)
• [ ] User must verify email address through the option decided upon above

Special thanks to @tejaspesquare for identifying this potential issue

[matthewtomo]

sim_ui_workflow wk_4 2024_09 @matthewtomo @jamesmrollins @ljmoody

• Deciding to leave as is for now and see if issues related to this occur

[lzim]

@matthewtomo

• This is a good catch.
• Current state of our team approving known users when they register is sufficient for verification.
• Changing to reflect "ICEBOX"