Right now, we're generating a link that goes to /verify/:emailVerificationToken.
We need to create a corresponding client page that will show some feedback while extracting the token, and hitting a (new) API endpoint to attempt the verification. Perhaps POST /api/v1/users/verify with the emailVerificationToken in the payload.
The API should look up the user by that token, and if found, mark the user as email verified and return a success code. Otherwise, it should return an error code, like 404 not found.
Right now, we're generating a link that goes to
/verify/:emailVerificationToken.We need to create a corresponding client page that will show some feedback while extracting the token, and hitting a (new) API endpoint to attempt the verification. Perhaps
POST /api/v1/users/verifywith the emailVerificationToken in the payload.The API should look up the user by that token, and if found, mark the user as email verified and return a success code. Otherwise, it should return an error code, like 404 not found.