Some of the custom techniques I needed to employ in this application were:
- Verify email address for new users
- Send email message with link to verify email confirmation token
- Prevent login for users who have not confirmed their email address
Along the way I ran into the dreaded "Invalid Token" error. If you have or are dealing with this error now, watch the video, and the solution is explained at 9:30.
Be aware that I only tested this with the Confirm Email process and not the Forgot Password process, which also creates a token. But I'm sure if you get the same error, the reason is probably the same and you can solve it with this method.