How to implement a guest user confirmation system by email

1

In the system, the user registration will not be free. Each user will be invited by email to join.

In the user table I briefly have the following attributes:

$table->increments('id')->unsigned();
$table->string('nome', 45);
$table->string('email', 64)->unique();
$table->string('username', 45)->nullable();
$table->string('senha', 20)->nullable();
$table->string('codigo', 100)->nullable();
$table->boolean('ativo')->default(false);

I've never worked with this kind of confirmation, so I figured out the following algorithm (sequence):

  • To invite a user, the administrator should fill in the guest's name and email .

  • So the invited user will receive an email with the invitation.

  • In the forwarded email, there will be a link that points to the route: hostname / code (where code is an attribute with unique content for each user guest).

  • If this route is accessed the user becomes active on the system.

  • Is this step-by-step for user authentication relatively correct? And the password? Would it be convenient for the administrator to set an initial password for the guest? I need ideas.

        
    asked by anonymous 04.08.2015 / 21:27

    1 answer

    4

    You can do the following, create a system where you are asking for email and name of the person, and then you can create a token with random number and then encrypt in md5, save this value, user id, email the name of that person. In the mail () function, create a link with generated code, email, and id all in a link.

    Create a page to receive these values and validate in the database, if it is correct, create a session of any name and put a value and then direct to a page, where the user will complete the registration, with full name and bla bla This page will only be entered if there is a session that will be created if the result is positive. Remember to make the page delete its token, so someone else does not use it.

    If you want you can create another script to update the token if the user enters the link and does not complete the registration and send a new email with the link.

        
    04.08.2015 / 22:07