Registering - Force email confirmation?
-
Hey I'm about to go in Production in the next few days.
I want to make sure that user verify their email address before being able to login.I checked "Require Email confirmation" in Admin panel Settings/User, but the user can still login in before he has clicked the link in the confirmation mail.
Is there a way to not let the user login like that?
Thanks
-
It will let them login. But nothing else. So they cant post or access anything that you've denied access to to registered members. Probably should be a check on login though. Or at least something that's checked every 10-15 seconds just in case someone verifies the email while logged in.
-
Oh oh I assumed they had access after login, good to know! [solved]
-
Sorry to hijack this post, but this advice isn't quite right?
Nodebb doesn't differentiate between a confirmed or unconfirmed user, they both occupy the same "registered users" group.
For example on my forums, I offer downloadable files that are only available to registered users, which is ok because guests can't view or download the files, but suppose someone uses a fictional email address? They gain access .... even though they haven't confirmed their address.
Access control would work as expected if there was an "email confirmed" user group.
Regards, Lee
-
I'm going to bump this year old topic to see if it can get more attention. I really feel that NodeBB should differentiate between a registered user, and a user who still needs to validate their email.
While these accounts can't post, they can access all sorts of content that I have open to regular user accounts. A work around would to be a secondary group, reward promotion and require something like an introduction post, but this is by no means the standard procedure on a forum.
-
This post is deleted!
