Problem
Currently, users can access the app immediately after registration without verifying their email address. This could present security risks and lead to spam or fake accounts.
Request
- Implement a process requiring users to verify their email address before gaining full access to the app.
- Send a verification email upon registration with a verification link.
- Restrict access to the app's main features until the email is verified.
- Display appropriate notifications to users whose email is unverified.
Acceptance Criteria
- On registration, users receive a verification email with a secure, single-use link.
- Users without a verified email are unable to login or access restricted areas.
- Verified users have no access barriers and receive a confirmation after verification.
- Records/logs for verification attempts are kept for administrational review if needed.
Notes
- Ensure secure implementation to avoid loopholes such as link re-use or brute-force attempts.
- This feature should be compatible with existing authentication mechanisms.
- Add user-friendly messages and error handling for verification steps.
Problem
Currently, users can access the app immediately after registration without verifying their email address. This could present security risks and lead to spam or fake accounts.
Request
Acceptance Criteria
Notes