Open RishabhJain0721 opened 6 months ago
Hey @jvJUCA I would like to work on this issue by setting up an email verification using firebase authentication to verify new users. Please assign me this issue.
Hello @RishabhJain0721, I removed the bug tag as this is not a bug, but an improvement to the code.
For the present moment we are not interested on implementing this specific feature. We will leave this issue opened for future work.
Thank you for the suggestions.
@KarinePistili Alright thanks for the correction.
Could I work on this Issue?
hello @solvibrain, this issue is currently marked as future work and won't be done by now. Feel free to find another issue if you there is something you find interesting ;)
Description π
There is a vulnerability in the authentication system of the project. The issue allows any random email, whether it exists or not, to be used to sign up and subsequently log in.
Link π
https://retlab-dev.firebaseapp.com/signup
Steps to Reproduce π
Screenshots πΈ
Expected Behavior π€
The expected flow of control in my perspective should be like this :
Actual Behavior π±
Environment π
Additional Information βΉοΈ
This vulnerability could allow unauthorized users to gain access to user accounts, potentially leading to unauthorized actions, and other security incidents. Implementing email verification, would be a great mitigation step.