The email is sent automatically when an admin user creates a new user with an email address. So my aim was to avoid having users redirected to the admin dashboard when they first login after creating a password for a new user account, through the emailed link. I did this by hard coding the site slug into the redirect in LoginController.php. So create password redirects to login redirects to the site, rather than admin. This works since the default site is meant to be the only restricted site for this project. If integrated with your module, I think it would be better for
(a) user creation to include assignment to a site’s list of users (I had to do this in two steps)
(b) create password form to live on a particular site, like your login form in RestrictedSites, to allow for multiple redirects working from the current site.
None of what I am doing involves user self registration, but that would also be an interesting possibility. As it is, I as admin am creating users, adding them to the site’s list of users right away, so that by the time they create a password and log in they will be authorized on the restricted site. Otherwise, the login form redirecting to the site would result in a 403 Forbidden.
I also commented out the addition of “Successfully logged in” to messages so it would not ultimately appear when they log out of the restricted site, above “Successfully logged out”.
Please let me know if I can elaborate further.