My app does not use the Google Users service, but instead, I've created a custom Account kind to handle users:
class Account(ndb.Model):
username = ndb.StringProperty(required = True)
pw_hash = ndb.StringProperty(required = True)
email = ndb.StringProperty(required = True)
created = ndb.DateTimeProperty(auto_now_add = True)
What is the best method to handle user account verification via email? I'm fairly new to this, and I have not been exposed to how email verification would work.
I would guess that when an Account entity is created, an email would be sent via the mail module to the email provided during sign up. The email would contain a 'verify' link. What would this link look like, and how would it work?
Any tip on where to get started would be appreciated.
You can store an extra property "hashedLink" in Account,which will be a md5sum of random words. Send the "hashedLink" in email as /url/activate?link=hashedLink
Whenever user clicks on the link, use the hashedLink to activate the account of the user.
You can use the same hashedLink attribute for "Forgot password" feature.