
The limitation of email

I'm designing an email to summarize users' states, and this email would provide some suggestions to users to take action in their accounts. So, I'm wondering whether there is a way to allow users to get into their own account from an email right away, without one more login step?


Of course. If you're writing the application, anything is possible.

The usual way to go about this is to include an "authenticator" in each link you provide to the application. Where when we say "authenticator" what we mean is "random letters and numbers".

Each link you include might look like:

<a href="...?auth=ilTmMDiTL0d46ZmNfDOpme84t3E8XdEbeFbRSZyCSoAiIkGFr2gRQnRFrtmaA4i">Delete My Account Forever</a>

To make this work, your database will need to record that ilTmMDiTL0d46ZmNfDOpme84t3E8XdEbeFbRSZyCSoAiIkGFr2gRQnRFrtmaA4i is a valid authenticator to get access to, say, VoteyDisciple's account. So when that string shows up, you know to log me in.

The problem, of course, is that if anyone else ever sees that e-mail (including if I were to forward it to someone) they too could click the link and now impersonate me! You can mitigate this somewhat by imposing a time limit on how long such an authenticator is valid, by limiting its use to only one specific action (e.g., "I'll let you do X, but then if you want to do anything else you'll need to log in"), or by other means.

But in the end the fact that your goal is to let people "login" without logging in suggests this isn't a high-security environment, so the risk that an authenticator may be compromised may not be of any great concern.


You could generate a unique one-time URL to allow the user to login by storing the token in a database and associating it with the user's account. You could structure the URL like this, if you want:

http://www.example.com/login.php?token=EWYAOpJBHgEioVrWRDzeDGhySEyOGKpsaUIe0EnF

The random stuff at the end would be virtually impossible to crack by brute force, as you can make it arbitrarily long.

Once the user logs in using that URL, you can prevent it from being used again by redirecting to the home page, giving an error message saying that the URL was temporary and has expired, or offering the user a button which sends an email with another URL.

But I think it would be better if you were to just provide the user with a partially-filled form (having only the username) when they clicked the link, as that URL could be recycled or left to die without worrying about a rogue brute-forcer.
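Both answers above describe the same mechanism: a random token stored against the account, limited in time and to one action, and invalidated after first use. The following Python is an added illustration of that scheme, not code from either answer; the in-memory `TOKENS` dict stands in for the database table, and the function names, the `action` scope and the sample user are assumptions.

```python
import hashlib
import secrets
import time
from urllib.parse import urlencode

# Constructed stand-in for the database table the answers describe.
# Keyed by the SHA-256 of the token, so a leaked table does not yield usable links.
TOKENS = {}

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

def issue_link_token(user, action, ttl_seconds=3600, now=None):
    """Create a one-time, time-limited token bound to one user and one action."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    TOKENS[_digest(token)] = {
        "user": user,
        "action": action,          # the single thing this link may do
        "expires": now + ttl_seconds,
        "used": False,
    }
    return token

def build_link(base_url, token):
    """Put the token in the query string, as in the answers' example URL."""
    return f"{base_url}?{urlencode({'token': token})}"

def redeem_link_token(token, action, now=None):
    """Return the user if the token is valid for this action, else None.
    The row is marked used on the first success, so a forwarded e-mail
    cannot be replayed, and an expired or wrong-action token is refused."""
    now = time.time() if now is None else now
    row = TOKENS.get(_digest(token))
    if row is None or row["used"] or now > row["expires"]:
        return None
    if row["action"] != action:
        return None
    row["used"] = True
    return row["user"]
```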
