We’ve had an option to allow users to RSVP for events by clicking on a link in their email that contains a special token that identifies them. This has been very convenient and is a well-liked feature. This token did not log the user in however - it just allowed them to RSVP. For example, you couldn’t use this token to RSVP and then visit your dashboard. When you went to your dashboard you were prompted to login.
The new shopping cart has pushed this solution to the edge, and I’ve been re-thinking it. I would like to change the token authentication so that instead of providing limited access it simply logs the user in and gives them full access (based on their privileges, of course).
Many sites (slack, twitter, others) allow this type of login. I think it will be a convenience that will be appreciated, but it requires one change that is important to understand: all users will need to have a login.
In the past it was possible to add a user without creating a user account (ie. username and password). If we go this route, this will no longer be the case.
In my mind, this is an improvement. You lose a lot of value from TT if you don’t let adults log in to the system.
Let me know what you think.