daonb
commented
1 year ago We use email because we don't have a password. I wanted to try passwordless and the price it comes with is that we have to replace the password with another form of authentication - hence email.
The good news is that email will go away. I'm still not sure exactly how, but the plan is to add the peerbook interface to T7, turning peerbook.io into a REST api server.
I understand you want to send an email so you can verify this is the email owner, but once the account is verified, why isn't it enough to login via a email+otp directly? All the services I can think of either send you a verification mail with a login code, or let you enter a rolling OTP, but not one I can think of requires both. I fgot into a situation where peerbook had to rate-limit the emails to me.