-
-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow unconfirmed access #428
Comments
This is something you could easily deal with in a plug. I would just diff on the It's also very impl. specific. For me, Pow gives you the building blocks to easily add and restructere your impl. without compromsing security or development speed. |
Hello @Schultzer Thanks for getting back.
I don't understand that.
How is it? It just does what is expected: login after registration and allow login for N days before getting locked. It feels to me like the promise of migrating from coherence like a breathe is not held here. |
Looking closer at the docs you properly have to use the This can still easily been done with a plug. So I would just create a plug and add it to my pipeline right after There might be application that would never require a feature like that, but if you feel strongly about this you could always open a PR with an extension that add this feature. |
But if I set it after |
Ohh sorry if that's the case, I would just copy and paste the |
It's discussed here: #66 (and also in #323) The suggested approach won't work as the session is deleted before it reaches I'm a bit swamped at the moment but I'll take a look at the options when I've some more time to think it through. My thought is to make it customizable with a plug private key in #66 (comment). It makes sense to adjust the flow in the plug, but at the same time I feel this touches a core issue with how to adjust auth flow explicitly. I do think that I made a mistake by halting flow with Let me get back to this soon 😄 |
I forked to allow unconfirmed access, and disabled the automatic resend of confirmation email, which doesn't match the UX we want to provide.
But then I have a new case: if a user triggers this action but has no I'll customize that, but if you add the |
This sounds like a can of worms. I think a better approach would be plugs and custom controllers rather than forking and trying to inject configurations in a codebase you don't have the full scope of yet. The Idea with plugs, extensions and custom controllers is that you can deal with a problem in an isolated state, that means that you don't have to change everything and can slowly build out Pow to your needs and, at some point maybe even share it with the community. |
With coherence, it was possible to set (from the doc)
Ain't there a similar option in pow? Why not?
The text was updated successfully, but these errors were encountered: