IMPROVE SECURITY of Magic-link authentication feature #359
Description
✨ Feature Request
Is your feature request related to a problem? Please describe.
This authentication feature should be allow in 2 case:
- The very first account (admin account) registration.
- Existed account.
Describe the solution you'd like
The magic-link sign-in button would send a request to API.
The API then check if the input email exists or not:
- If the email exists, send the magic-link.
- If not, but currently there is no account, send the magic-link.
- Else, return unauthorized error.
Would you like to work on this feature?
- Yes, I'd like to help implement this feature
- No, I'm just suggesting the feature
Currently, i have many tasks to do. But then if i have free-time, i can give a hand.