search

digitalungdom-se / digitalungdom.se

The source code for Digital Ungdoms website
https://www.digitalungdom.se
GNU Affero General Public License v3.0
7 stars 6 forks source link

Login link via email #103

Open Nautman opened 3 years ago

Nautman commented 3 years ago

We've discussed that we should add a link to the login email so that you don't need to copy and paste the code.

The user should be able to click on the link for something like /verify/:email/:code, but I don't know the next step.

Should the user:

  1. Be automatically logged in and redirected to e.g. Agora
  2. Be asked to return to the previous tab which will now be logged in

Furthermore, we need the email in the link. Perhaps we can take two birds with one stone and do base64.encode(email + code) as a token? Then there won't be any history with the email in the URL.

EDIT: Maybe it's possible to get the email from localStorage, but I'm not sure I like that option.

Nautman commented 3 years ago

Between medium and difficult to fix.