User Registration & Verification
Step-by-step for user sign-up and email verification using Basic Authentication.
Last updated
Was this helpful?
Step-by-step for user sign-up and email verification using Basic Authentication.
This workflow covers creating a user account with email/password and verifying the email address before allowing login.
Users table in the helper file with fields for: email, passwordHash, isVerified, isEnabled, and timestamps
Email delivery configured in onAuthNotifier (server-side) for verification messages
User submits the registration form
Run authRegister action
Helper file creates the user (password stored as a one-way hash)
System sends verification email with a time-bound verification link
User clicks the link and lands on a verification page
Run authVerify action on page load to confirm the token
Mark the user record as verified (isVerified = True)
Optionally sign the user in or redirect to login
Registration page: authRegister
Verification page: authVerify (recommended to run in an onFormLoad named action)
Optional resend-verification UI: authResend (requires email)
onRegistration: optional post-registration business logic
onAuthNotifier: send verification email and any admin notifications
Verification tokens should be treated as secrets; avoid logging or storing them in cleartext
Verification tokens should be time-bound and single-use
Registration pages must provide email and password in the page model before running authRegister
If you want a second "confirm password" field, use a custom validator to compare password and password2
Authentication feedback can be shown with model.authMessage, or more robustly with model.authMessageCode and model.authMessageType
Verification pages usually run authVerify automatically in onFormLoad
The verification action reads the token from the URL; you generally do not need to parse it manually
Users must still be enabled (isEnabled = true) to sign in after verification
Last updated
Was this helpful?
Was this helpful?