Right now when a user clicks on the link we send to their email, they are sent to a page to verify their email. The issue is that any user can navigate directly to the email verification page by typing the verification page URL into their browser. This means that users with a pending email verification could verify their email without actually following the link from the email.
What can I do to prevent this?
How can I change the URL whenever a user clicks the email link?
Even if a user navigates to the page by directly pasting the url, it won’t work bcoz the link that gets sent to email for verification has a unique token with it. It will verify only if the same user uses the link to verify the email.
Moreover you can use the below condition (see image) on a page that you want to restrict to only for email verified users.
The email confirmed option is a default by bubble, so it works good.
