When logintoboggan is configured with a pre-authenticated role, it allows any user to register and set their password when they log in, but puts them in a special "not yet authenticated" role which limits their privileges. When the user validates their email address, they are removed from this role and get full access to the site.
This patch removes users from the pre-authenticated role if they have accepted an invitation by code. Since they received the invitation, they must have access to the email account where it was sent, so accepting the invitation verifies the address just as well as Logintoboggan's validation emails do.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | invite_no_autoaccept.patch | 2.59 KB | scottgifford |
| invite_logintoboggan_role.patch | 742 bytes | scottgifford |
Comments
Comment #1
scottgifford commentedAlso, if invite_accept is treated as confirming an email address, it should only be called if the user has explicitly accepted an invitation by ID, and not if the user registered and we found an invitation for them lying around. This patch implements that change.
Comment #2
Gabriel R. commentedThis is a very useful feature and something we will try to add to our site.
Before we start hacking at it, is there an update to the above patch? Maybe a Drupal 6 version?
I don't dare moving this to 6.x ... but I will when we start work on it.
Comment #3
Seph commentedHave either of these been committed to the current version of Invite for Drupal 7?
Comment #4
ckngLooks like a useful feature, KIV for 7.x-4.x.
Comment #5
ckngMarked as duplicate of #171765: Enhanced compatibility /w LoginToboggan
Comment #6
ckng