Closed IndependentCreator closed 1 year ago
If you misconfigure your setup, unknown problems can occur. I would suggest making sure everything works, I don’t put extra checks to make sure you configured your system correctly. My recommendation is to setup AWS for production.
Thanks for the reply. Do you have any concerns that someone could use this behavior to create an exploit that would allow them to register without using a valid email address?
If you configure your smtp settings with the correct info, can you replicate this trouble? It would concern me if correctly configuring allowed users to sign in.
Oops you are right! thanks for sending this bug report… The problem is resend verification email incorrectly sets verified to true. Thanks very much for reporting this! I thought it was just a configuration issue but actually is a bad bug!
It should be fixed now. Thanks once again for reporting this trouble! And sorry for not checking this out better after your first report. Thanks so much for the follow up question, because it enabled me to think more about the problem and determine it shouldn't be happening whether the server was misconfigured or not.
No worries, I could have been more explicit in the initial report. Thanks for the quick fix and for putting together this example 🙂
Testing locally, I accidentally discovered a way to login without ever clicking on (or even receiving) the confirmation email:
npm run dev
npm run dev
npm run dev