Prevent leaking email addresses when user is not confirmed

stevepolitodesign / rails-authentication-from-scratch

A step-by-step guide on how to build your own authentication system in Rails from scratch.

222 stars 32 forks source link

Closed stevepolitodesign closed 2 years ago

stevepolitodesign commented 2 years ago

A bad actor could exploit this vulnerability to see if a user exists in the system.