I'm working on an application where users can register when they recieve an email invitation for the app. Right now what I do is generate invitation-codes that are sent to the users and stored in the database. The user then goes to the url given in the email which contain the invitation code, like this:
http://myapp.com/user/register/56jk4564k6567kj686kjh56
I was wandering if another aproaches are better, like storing only the email of the user and avoiding sending invitation codes.
Also, using the invitation codes, is there any need of encrypt them?