sjeremycohen
commented
1 year ago I think you're right that we should be forcing verification before login - @Pankhurinyu @emoltz let's figure out how this can be enforced?
Open ds6332 opened 1 year ago
sjeremycohen
commented
1 year ago I think you're right that we should be forcing verification before login - @Pankhurinyu @emoltz let's figure out how this can be enforced?
emoltz
commented
1 year ago I think we are already forcing verification before login in a way right? Because they can't log in until they click the link in their email.
ds6332
commented
1 year ago @emoltz , yeah you are right. I don't know how to enforce email field validation, cause there could be any valid domain and regex structure. But maybe, prevent the email id from being changed.
What if a user validates with one email id and later changes it to a different email - valid or not.?
emoltz
commented
1 year ago Really good point. We would have to build in validation for the changed email too
Email field takes any string in the form "word@word.word". Maybe a front end check will reduce operations on AWS. Forcing verification before login works