search

pilcrowOnPaper / copenhagen

A basic guideline on implementing auth for the web
https://thecopenhagenbook.com
MIT License
851 stars 23 forks source link

email verification & password reset #23

Closed pekeler closed 4 days ago

pekeler commented 3 weeks ago

You should even mark a user's email address as verified if they reset their password.

This is counter intuitive to me. Why?

pekeler commented 3 weeks ago

Ah, do you mean "...after they have successfully reset their password." instead of "...when they request to reset their password" which is how I first read it.

pilcrowOnPaper commented 1 week ago

Yeah, after they reset their password