Hi everybody; I hope you can help me figure the best way to implement a manual (server-side initiated) login without using the password. Let me explain the workflow:
- User registers
- Thank you! An email with an activation link has been sent blablabla
- (Account now exists but is marked not enabled)
- User opens email, clicks link
- (Account is enabled)
- Thank you! You can now use the site
What I'm trying to do is log in the user after he has clicked the email link so he can start using the website right away.
I can't use his password since it's encrypted in the DB, is the only option writing a custom authentication backend?