I have users sending messages to other users with links in the email.
If the users click on the links in the email they go to the message in the app, but invariably they arent logged in and have to do so before getting to the page they want to go to.
I want to build a login_from_token functionality that would add a token for the user who receives the email so that the link will go directly to the page, and in the process log them in.
My question: How safe is this? Are their issues with this approach in terms of privacy?
The email is supposed to be personal email accounts so in principle the link would be as safe as the email account?
I would appreciate your thoughts.