确认电子邮件链接提交ID的最佳方式 [英] Best way for confirmation email links to submit ID

问题描述

我有一个网站向某人发送确认电子邮件。

I've got a web site sending someone a confirmation email.

现在在电子邮件中，我想要一个链接，用户必须点击确认他收到邮件。

Now in the email I would like to have a link the user has to click to confirm he received the mail.

我想将用户的密码（或一些随机密码）包含在确认地址中，因此用户不需要手动输入再次，但是如果我这样做，密码将最终在浏览器历史记录和日志文件中。

I'd like to include the user's password (or some random code) into the confirmation address, so the user does not need to enter it by hand again, but if I do this, the password will end up in the browser history and the log files.

有什么其他方法可以在电子邮件中获取确认链接发送像用户名和密码这样的信息，而不是以某种方式结束链接？

例如，可以在电子邮件中输入一个输入表单，并将密码发送为POST而不是GET ？

Is there any other way to get a confirmation link in an email to send information like a user name and password, without it ending up in the link somehow?
Is it, for example, possible to have an input form in an email and send the password as POST instead of GET?

推荐答案

通常工作方式是确认电子邮件包含一个包含一些GUID（全球唯一标识符）的链接分类。 GUID与用户的帐户相关联。当链接被点击时，Web应用程序只需设置确认标志，并使用GUID记录用户，而不是通常的用户名和密码组合。

The way this usually works is that the confirmation email contains a link that includes a GUID (Globally Unique Identifier) of some sort. The GUID is associated with the user's account. When the link is clicked the web application simply sets the confirmation flag and logs the user in using the GUID rather than the usual username and password combination.

这篇关于确认电子邮件链接提交ID的最佳方式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！