-
i think that teh example could say that teh facebook login returns a regular `Authorization: ` header. This way it is clear that we can just make a secondary rodauth config, just for facebook login, a…
-
**Problem**
When user changes the email, the `verify_change_login` feature sets his account status as unverified. From then on the user needs access to the email message with the link to continue o…
-
Hi. I want to change response body to put one more token on login and create_account.
I use JWT and I found one example do it: overriding method '/login'.
Is there way to do it simpler?
-
EHLO,
i am considering Roda and Rodauth for my current project and just stumbled this "The JSON API uses the POST method for all requests". why did you make it that way? is it possible to enable te…
-
As discussed in the google group, and having this [example](https://github.com/jeremyevans/rodauth/blob/master/lib/rodauth/features/jwt.rb#L55), a lot of actions in jwt mode aren't consistent because …
-
Usecase: user has lost his initial verify account email and needs to request it again using `resend_verify_account_view` (form with "Send verification again" button).
Problem: There is no way for…
-
The `:reset_password` feature causes a template to be rendered (or attempted to be rendered) upon a failed login attempt in json-only mode. I expect it to return a normal json-encoded login failure, a…
-
BCrypt has two unfortunate properties:
- Truncates after 72 bytes
- Truncates after NULL bytes (`BCrypt::Password.create("\u0000supersecurepassword") == "" #=> true`)
Rodauth doesn't seem to check fo…
-
This may not be the proper channel for this discussion. If not, please let me know and I'll make sure to post accordingly in the future.
I was curious if there was room for discussion, or had already…