search

kucherenko / strapi-plugin-passwordless

A plugin for Strapi Headless CMS that provides ability to sign-in/sign-up to an application by link had sent to email.
MIT License
77 stars 26 forks source link

safelinks.protection.outlook.com invalidates passwordless link #23

Open Cerlancism opened 1 year ago

Cerlancism commented 1 year ago

Now outlook will wrap any url with safelinks, which upon click will access the link on behalf of the user first before redirecting the user.

I implemented the handover of jwt at server side rendering setting httpOnly cookie.

I think could wrap another redirect at browser side which then actually calls the login API. Or, can we have a switch to allow re-use of the link or only invalidate the link after few access counts instead of 1.

Seems Related: https://github.com/kucherenko/strapi-plugin-passwordless/issues/16

kucherenko commented 1 year ago

Good point, thank you for the issue