Hello! So. I don't want to store my users user agent or IP associated with their accounts for privacy reasons. I see that this info isn't actually being used by the library in any way, though the Passwordless::Session model does fail to validate if they aren't present. I can work around this by:
module Authentication
include Passwordless::ControllerHelpers
...
def build_passwordless_session(user)
Passwordless::Session.new.tap do |session|
session.authenticatable = user
session.user_agent = "N/A"
session.remote_addr = "N/A"
end
...
end
But honestly this should be something that people should not even really be doing at all, and if they feel they have a specific need it should be an affirmative choice, not something automatic.
Thoughts? If we can agree on a way to solve this I'd be happy to do the work n submit a PR.
Hello! So. I don't want to store my users user agent or IP associated with their accounts for privacy reasons. I see that this info isn't actually being used by the library in any way, though the Passwordless::Session model does fail to validate if they aren't present. I can work around this by:
But honestly this should be something that people should not even really be doing at all, and if they feel they have a specific need it should be an affirmative choice, not something automatic.
Thoughts? If we can agree on a way to solve this I'd be happy to do the work n submit a PR.