🔖 Feature description
Have the account update magic url session flow also verify the email of user the session is being created for.
🎤 Pitch
Currently the create magic url session flow will, for a given email address and redirect url:
- create a user if none exists for the address
- send an email to the address with the redirect url and the
userId of the user and a temporary secret parameters attached to the redirect url
- clients are to handle the redirect url, taking the
userId and secret and calling update magic url session to confirm the userId and secret for a Session object
The process of the client confirming the userId and secret does not automatically verify the email of the associated user and an additional step is explicitly required to verify the user, even though the user is implicitly verified and given a Session.
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
🔖 Feature description
Have the account
update magic url sessionflow also verify the email of user the session is being created for.🎤 Pitch
Currently the create magic url session flow will, for a given email address and redirect url:
userIdof the user and a temporarysecretparameters attached to the redirect urluserIdandsecretand callingupdate magic url sessionto confirm the userId and secret for a Session objectThe process of the client confirming the
userIdandsecretdoes not automatically verify the email of the associated user and an additional step is explicitly required to verify the user, even though the user is implicitly verified and given a Session.👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?