-
馃敄 Feature descriptionI have an app where users can register via Email and Password. I want the user to be redirected immediately to Email Verification and not allow the session to be created until the Email Verification has been completed. While Signing in, session should be allowed only if the user's email has been verified otherwise they cannot login or access the database. I do not want to check this client side due to security concerns. Is there an existing way to achieve this forced email verification for signin? 馃帳 PitchThis would be an important feature to have if an app requires compulsary verification of user's email. Although this can be achieved via client side check but then it won't be guaranteed that the user isn't bypassing this wall. 馃憖 Have you spent some time to check if this issue has been raised before?
馃彚 Have you read the Code of Conduct?
|
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 1 reply
-
I believe it's default behavior to create a session for an unverified account, no matter if it has no access or limited access. Logging in should still "work". There could be some flag "isVerified" etcetera. Whether this should be built-in or you should just implement it yourself, that's something the core team should look at and decide. |
Beta Was this translation helpful? Give feedback.
-
Yes, currently session is created regardless if the user is verified or not. But is there is a way to create a session only for verified users? Maybe by using functions? |
Beta Was this translation helpful? Give feedback.
-
Thanks @stnguyen90 I solved it by adding a Custom Permission to my collection "users/verified" via console. |
Beta Was this translation helpful? Give feedback.
-
Hey I writing my application in react native and I want to verify my users automatically. How can i achieve this? |
Beta Was this translation helpful? Give feedback.
Thanks @stnguyen90
I solved it by adding a Custom Permission to my collection "users/verified" via console.
This way only verified users can access the database.