The hashed token is stored in the database, and the "non-hashed" token is what is sent in the email link. Could someone explain to me why the the raw token is used in the email, and not the hashed token? Are there any security implications by using the raw token vs. the hashed token in the email link?