the basic steps for double opt in are:
database:
you need to add 2 new columns to the users table:
randomString - text
emailVarified - int. default value 0. will be updated to 1 when the user verifies the email
Registration:
On the registration page, use the security assist random password feature to create a random string Store the random string in a session variable.
In the insert Record behavior, set the new randomString column to use the session variable value.
The Insert record behavior will store ID of the new record in a session variable, make note of the session variable name in the Store As section of the Insert Record behavior.
Registration Email:
the registration email will have a link to the usrConfirm page. this link will pass the UserID session variable and the random string session variable as querystring variables:
userConfirm.php?id=<UserID Session value>&randomString=<random string session value>
userConfirm.php:
The userConfirm.php page will have a recporset to filter the userID column on the ID querystring value and the randomString column on the randomString querystring value.
also an Update record behavior that is triggered if the recordset is not empty to update the emailVarified column to 1.
Login:
On the login page, edit the authenticate user behavior, On the second step, click the plus button to add another condition. Select the emailVarified column and set the value to 1.
This will cause login to pass only if the emailVarified gets updated to 1.
The User registration solution pack uses this method. If you examine the registration process in the User Registration solution pack, It will demonstrate how this is all put together.