Add paranoid flag to options

mikker / passwordless

🗝 Authentication for your Rails app without the icky-ness of passwords

MIT License

1.25k stars 86 forks source link

Add paranoid flag to options #182

Closed divagueame closed 5 months ago

divagueame commented 8 months ago

Hi, this is my attempt to tackle the paranoid option to hide user existence when requesting token on Sep 21 When the paranoid flag is enabled, and a user tries to sign in with a non existing email:

The same behavior will be shown to the user.
No email will be sent to non existing emails/user.
A session will still be created for non existing emails/user. I am not sure how big of a deal it is, so I left it like that for now.

mikker commented 5 months ago

Thank you for contributing. This feature was implemented in #196 and released in 1.3.0