Description
Currently, users can sign up and immediately access the application without verifying their email address.
Email verification is important to:
- Prevent fake or spam accounts
- Improve account authenticity
- Enhance overall platform security
- Enable future features like password recovery safeguards
This feature will introduce an email verification process before granting full access to the platform.
Proposed Solution
- Generate email verification token during signup
- Store:
verificationTokenverificationTokenExpires
- Send verification email with secure link
- Add verification endpoint:
/api/auth/verify-email/:token
- Block login if
isVerified is false
- Mark user as verified after successful confirmation
🚧 Implementation Note
This is planned as a future enhancement and may be scheduled for a later milestone.
Acceptance Criteria
Description
Currently, users can sign up and immediately access the application without verifying their email address.
Email verification is important to:
This feature will introduce an email verification process before granting full access to the platform.
Proposed Solution
verificationTokenverificationTokenExpires/api/auth/verify-email/:tokenisVerifiedis false🚧 Implementation Note
This is planned as a future enhancement and may be scheduled for a later milestone.
Acceptance Criteria