Magic Link Login without automatic user creation #523
Comments
|
Hi, that makes sense. However, this feature should probably be more generic, i.e.:
Regards |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
autosignup customization is nice to have for all passwordless logins. otherwise, bad actors can miss use this feature to send |
not sure I understand this concern. What would a bad actor gain with this? Also, how would disabling autosignup prevent this? They could still call both /signup/passwordless/email /signin/passwordless/email and hope one of them will send the email. |
my usecase : /signup/passwordless/email should be blocked but /signin/passwordless/email should be allowed and behaved like reset password. |
Allow people to sign up via a form using the sign-up functions from nHost BUT don't auto sign up people when they use magic link login.
Context: I have an app where people can register with all their data and use magic-link as one of the sign-up methods. Unfortunately, people use the magic-link login without registering upfront, leading to "empty" users (no profile data nothing). And an empty app (because they have no data created).
I don't want to disable sign up and create users in my backend. An Option for magic-link login that fails when the user is given instead of creating a new user would be best.
Thanks,
David
Reference: #201 (comment)
The text was updated successfully, but these errors were encountered: