-
Notifications
You must be signed in to change notification settings - Fork 318
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: allow
POST /verify
to accept a token hash (#1165)
## What kind of change does this PR introduce? * To enable server-side redirection via an email link, we need some way to return the session in the response body rather than in the query fragments (`GET /verify`) because the fragments can't be parsed on the server-side. * By allowing `POST /verify` to accept just a token hash, a developer would be able to set the verification URL in their email template to point to their own endpoint (`https://myapp.com/confirm-signup?token_hash=XXX&type=signup`) and parse the `token_hash` param before calling `POST /verify` with the following: ```bash curl -X POST 'http://localhost:9999/verify' -H 'Content-Type: application/json' \ -d '{"token_hash": "my_token_hash", "type": "signup" }' ``` If the token hash is valid and the request is successful, this would return the verified user's session in the response and the developer can subsequently handle any redirection on their own. --------- Co-authored-by: Stojan Dimitrovski <sdimitrovski@gmail.com>
- Loading branch information
1 parent
154dd91
commit e9ab555
Showing
2 changed files
with
215 additions
and
89 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.