Make sure Phonenumber is verified & Only allow accesstokens with existing clientId - Githubissues

openstad / openstad-oauth2-server

MIT License

0 stars 8 forks source link

Make sure Phonenumber is verified & Only allow accesstokens with existing clientId #82

Closed ToshKoevoets closed 2 years ago

ToshKoevoets commented 2 years ago

2 things:

Add a check that every info check an access token is valid for the user and connected to the site
Add a check that a user always needs to have a phonenumber confirmed if authType phonenumber is on.