consider re-working internal process for how users are invited

[iainkirkpatrick]

out of a discussion with Greg this afternoon, I had the idea that we could improve the process by which we invite / add new members to groups (and thus Cobuy)

at the moment:

• admin adds group members on invite form
• this triggers agent creation for these members, and subsequent credential creation (of an email / pass type, this is created without password but with the given email)
• also triggers token creation for the invited users to be able to visit a special page and update their password

problem is this restricts users to email / pass credentials atm, also feels a bit weird to me to create agents / credentials before the relevant users do...

so i wonder if instead:

• admin adds group members on invite form
• create a token which contains the email the admin entered for the user, and the relevant group
• this token is sent in an email to the user, it links to either the main sign up page or a special sign up page with the token - either way the user is now prompted to sign up with whatever credential they want (and a different email if they choose!)
• when the user signs up, we check for token info, if so also create the relationship to the given group

thoughts / critique welcome 🎉