How could I implement a simple passwordless email OTP code session #669
-
|
I'm thinking about using iron-session to build a simple email based OTP "magic code" flow instead of a magic link where users are emailed a 6 digit code and if they confirm properly a session is saved. I know there was previously a section on magic links in the docs, and I was going to use that as a base structure for this but no longer see any information on it. Could I still create a system that supports something like this with iron-session? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hey there, there's now a magic link demo: https://get-iron-session.vercel.app/app-router-magic-links. As for OTP codes I have no prior knowledge on how to properly, and securely, implement it. But you would probably generate a unique code, associate it in your database to the user trying to login, email it to them and then check the value matches what you have in your database. There's not even a need for iron-session here at this point. |
Beta Was this translation helpful? Give feedback.
Hey there, there's now a magic link demo: https://get-iron-session.vercel.app/app-router-magic-links. As for OTP codes I have no prior knowledge on how to properly, and securely, implement it. But you would probably generate a unique code, associate it in your database to the user trying to login, email it to them and then check the value matches what you have in your database. There's not even a need for iron-session here at this point.