Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alternative Login Method: One Time Code #35

Closed
cstrnt opened this issue Jan 24, 2024 · 7 comments
Closed

Alternative Login Method: One Time Code #35

cstrnt opened this issue Jan 24, 2024 · 7 comments
Assignees
@McPizza0
Labels
enhancement New feature or request pending triage these issues are not ready to be worked on yet typescript code is mostly backend/typescript based

Comments

@cstrnt
Copy link
Contributor

cstrnt commented Jan 24, 2024

Problem
Currently, the only way to use UnInbox is by Passkey Auth. While passkeys are a super nice technology and are really secure they're not that well known (yet) and this might hinder people from using UnInbox and that should never be a blocker.

Constraints:

  • no external services
  • great user experience

Proposed Solution
Implement a One Time Code login method. When the user wants to sign-up / login they will need to enter an email address.
They will receive an email containing a code containing 6 characters (number/uppercase letters). They can then enter this code in combination with their email to login or signup.

Technical Details

  • The code must be shortlived (< 3 mins?) and bound to an email address (compound index) and should be stored hashed in the database.
  • We need to write a custom auth.js provider for that, the email/magiclink provider should be a good reference / starting point
@cstrnt cstrnt added the enhancement New feature or request label Jan 24, 2024
@skushagra9
Copy link
Contributor

can I work on this ??

@cstrnt
Copy link
Contributor Author

cstrnt commented Jan 24, 2024

@skushagra9 we'll still need to discuss some things regarding the implementation. Will keep you in the loop. Also @simonorzel26 had some interest in doing this

@simonorzel26
Copy link
Contributor

you can assign to me if needed

@McPizza0 McPizza0 added nuxt/vue typescript code is mostly backend/typescript based labels Jan 24, 2024
@McPizza0 McPizza0 added the pending triage these issues are not ready to be worked on yet label Feb 3, 2024
@McPizza0
Copy link
Member

McPizza0 commented Feb 3, 2024

@simonorzel26 we're putting this on hold as we evaluate switching to Lucia auth

@McPizza0 McPizza0 assigned McPizza0 and unassigned simonorzel26 Feb 12, 2024
@McPizza0
Copy link
Member

working on a larger refactor of the auth system, will work this in somehow

@ezra-en
Copy link
Contributor

ezra-en commented Feb 16, 2024
edited
Loading

#81 is directly related to this issue, and #79 switches us over to Lucia as required.

@McPizza0
Copy link
Member

closing in favor of #81

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@McPizza0 McPizza0

Labels
enhancement New feature or request pending triage these issues are not ready to be worked on yet typescript code is mostly backend/typescript based
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ezra-en @McPizza0 @cstrnt @simonorzel26 @skushagra9