supabase / auth

A JWT based API for managing users and issuing JWT tokens
https://supabase.com/docs/guides/auth
MIT License

Password reset for accounts using OTP (phone number as usernames) #1053

Closed alexreyes closed 11 months ago

alexreyes commented 1 year ago

Bug report

There doesn't seem to be a way to reset passwords for accounts made using phone number (OTP) based log in.

Describe the bug

See above

To Reproduce

  1. Create an account using phone number (OTP) auth
  2. Try to reset the password

Expected behavior

Password reset works with phone number based auth (i.e. situations where we don't have the user's email)

Additional context

This is quite vital for mobile apps

hf commented 1 year ago

Hi @alexreyes, I'm not sure I understand the problem. OTP based login is a passwordless login method. There is no password stored for the user. Each time a person needs to log in, a new, random and unguessable password is generated (thus called One Time Password) and sent to their SMS.

Forgot password does not apply in this case.

alexreyes commented 1 year ago

@hf My bad, what I meant is: password reset is needed for accounts which use a phone number as the username. As in, accounts made with phone numbers (no email).

Currently password reset is only supported for email based accounts

kangmingtay commented 11 months ago

I don't think we'll be fixing this because the password for an account created using a phone number - supabase.auth.signUp({ phone: "...", password: "..." }) - can be reset by calling supabase.auth.signInWithOtp({ phone: "..." }) to get an OTP first, then calling supabase.auth.updateUser({ password: "newpassword" }).
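
The flow from the last comment, as an added example that is not part of the thread or the project's own code. It assumes a supabase-js v2 client and adds three things the comment does not spell out: the `verifyOtp` call that turns the SMS code into a session, `shouldCreateUser: false` so a reset request cannot create a new account, and revoking other sessions afterwards. `readOtp` and `makeFakeClient` are hypothetical helpers, the latter a constructed stand-in so the block runs offline.

```javascript
// Password reset for a phone-number account: OTP sign-in, then updateUser.
// `supabase` is a supabase-js v2 client; `readOtp` (hypothetical) returns the
// code the user typed in.
async function resetPasswordWithPhoneOtp(supabase, phone, readOtp, newPassword) {
  // 1. Request the SMS OTP. shouldCreateUser: false keeps a reset request for
  //    an unknown number from silently registering a new account.
  const sent = await supabase.auth.signInWithOtp({ phone, options: { shouldCreateUser: false } });
  if (sent.error) return { ok: false, step: "send_otp", error: sent.error };

  // 2. Exchange the code for a session; without one, updateUser must not run.
  const token = await readOtp();
  const verified = await supabase.auth.verifyOtp({ phone, token, type: "sms" });
  if (verified.error || !verified.data?.session) {
    return { ok: false, step: "verify_otp", error: verified.error ?? new Error("no session") };
  }

  // 3. The OTP session authorises the password change.
  const updated = await supabase.auth.updateUser({ password: newPassword });
  if (updated.error) return { ok: false, step: "update_password", error: updated.error };

  // 4. Revoke every other session so one opened with the old password ends.
  const revoked = await supabase.auth.signOut({ scope: "others" });
  if (revoked.error) return { ok: false, step: "revoke_sessions", error: revoked.error };
  return { ok: true, step: "done", error: null };
}

// Constructed in-memory stand-in for the client (not the real library).
function makeFakeClient(validOtp) {
  const calls = [];
  let session = null;
  const ok = (data) => ({ data, error: null });
  const auth = {
    async signInWithOtp(args) { calls.push(["signInWithOtp", args]); return ok({}); },
    async verifyOtp(args) {
      calls.push(["verifyOtp", args]);
      if (args.token !== validOtp) return { data: { session: null }, error: new Error("invalid otp") };
      session = { user: { phone: args.phone } };
      return ok({ session });
    },
    async updateUser(args) {
      calls.push(["updateUser", args]);
      return session ? ok({}) : { data: {}, error: new Error("no session") };
    },
    async signOut(args) { calls.push(["signOut", args]); return { error: null }; },
  };
  return { auth, calls };
}
```
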