SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hey guys,
I need a little help with email verification recipe. Does the `email_verify_post` call take into account the `user_id` in the session when verifying the token?

Here is my override function for email verification apis.
We want to use the recipe for generating tokens and sending emails to our users.

From what I can see in source code, the `original_email_verify_post` does not check if this particular token was given to this particular `user_id`, is that right?

It does not try to check if the token was issues to that user id

Nope, I did not even try to run the code yet 😁  just designing the flow for our use case

Then I have to add a manual check for user ID, because we require a valid session. I'm still trying to implement that Telegram-like authentication flow with the second factor password and a backup email to reset the password 🙂

Ah, let us know if you have any more questions

Hi <@292333473786494976> ! Can you please tell me what is the max length of the verification token?