[英]How to handle email invite system with user accounts
What's the standard/best way to handle the following situation? 处理以下情况的标准/最佳方法是什么?
A user enters email address user1@example.com to send an invite to an event on a website. 用户输入电子邮件地址user1@example.com,以发送邀请参加网站上的活动。 The person receiving the invite already has an account at the website but has signed up with user2@example.com as their email address.
接收邀请的人已经在该网站上拥有一个帐户,但已使用user2@example.com进行注册作为其电子邮件地址。
How do I verify that it's the right person while letting the user sign in with their actual account? 在让用户使用其实际帐户登录时,如何验证自己是正确的人? I can use an invite ID to tie that account with that invite but what's stopping any person with access to that ID logging in?
我可以使用邀请ID将该帐户与该邀请绑定,但是什么阻止任何有权访问该ID的人登录?
It depends on your level of trust. 这取决于您的信任程度。 You have a few choices:
您有几种选择:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.