I'm using Display Suite to manage my user edit / register form so some of this might be related but I doubt it.

Here's the situation:
- Invitation is created
- custom code solution is sending out an email (rather than using rules)
- invited user sees the email, clicks on the invitation link (invitation/%token, with %token subbed in)
- invited user fulls out the user register form, clicks submit
- invited user is redirected to login prompt, not logged in, and a message displays "Registration successful. You are now logged in."

I think the main thing that is not happening here is that $account[status] needs to be set to 1 to make the user active (ie. not blocked). If the user is saved with the block status then the call to user_login_submit() does not create a session.

Now, it looks like there are some other problems with _invites_overrides_user_register_form_submit(), because it doesn't seem like the function really is handling variable_get('user_email_verification', TRUE) properly. If the site is requiring email verification, then it should not be logging the user in here. It should be requiring the user to go to their email, and click the password change command from there.

Potentially there is the idea that invited users should be fast-tracked through and not have to click the 2nd email link. I get that, but that should be a setting. If "Require email verification" is set to yes, then the password will be generated automatically, and emailed, and I don't think it's good UX to be able to auto-log the user in before having seen the password.

Additionally this function could get more complicated if users were allowed to sign up accounts with a different email address than their invite came with, because if users change their email address then we'd want to force the email verification before logging them in.

For now, I am leaving email verification off, allowing users to log in immediately, and I have patched invites to set user status to yes across the board.

Patch to follow.

CommentFileSizeAuthor
#4 invites.patch678 bytesmarinaglancy
#3 invites.patch538 bytesmarinaglancy
#2 invites_set_user_status_true-1958490-1.patch444 bytesdtarc
#1 invites_set_user_status_true-1958490-1.patch444 bytesdtarc

Comments

dtarc’s picture

dtarc commented
StatusFileSize
new invites_set_user_status_true-1958490-1.patch444 bytes
dtarc’s picture

dtarc commented
Status: Active » Needs review
StatusFileSize
new invites_set_user_status_true-1958490-1.patch444 bytes

Here's the patch

marinaglancy’s picture

marinaglancy commented
StatusFileSize
new invites.patch538 bytes

Hi, I also experienced the same problem but in my opinion, since the user has already received the invitation link via email, no additional email verification is needed. Attaching my suggested patch.

marinaglancy’s picture

marinaglancy commented
StatusFileSize
new invites.patch678 bytes

sorry, it was a patch for another issue in my previous post. Here is a new one: