Replies: 1 comment
-
|
Im currently using token auth via email for my registration/login if you wanted to see how I've been doing it. https://github.com/Rykuno/TofuStack/tree/main/src/lib/server/api |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I want to implement passwordless login to my app, like firebase magic link login but with one time codes.
I think this guide has needed information — https://lucia-auth.com/guides/email-and-password/email-verification-codes, but it puts heavy emphasis on being «verify user email for username + password login, in case user forgets his password».
I fear that it might possess some security flaws, that are not critical for verification but critical for account access.
Is email verification guide legit for implementing magic link/one time code auth?
P.S. I saw likewise thread here #257, but it was prior v3, and also has no clear answer
Beta Was this translation helpful? Give feedback.
All reactions