I would like to propose a new feature that for as is paramou SuperTokens.com #contributing

I would like to propose a new feature, that for as...

sullof

02/14/2023, 9:18 PM

I would like to propose a new feature, that for as is paramount. If we use a

passwordless

recipe, the user can spam the service creating different accounts just using, for example - newuser@gmail.com - new.user@gmail.com - newuser+two@gmail.com etc. Right now, we enforce that on our side and we clean any user's email removing aliases. It looks like we cannot tell SuperTokens to enforce that. It would be very good if SuperTokens adds an option to activate a restriction. An alternative solution would be if there is a hook, like

preValidate

, that we can set up to make validation on the email. It would also solve the common use-case where the app can accept only users that have an email on a certain set of domains.

02/15/2023, 4:15 AM

Hey @sullof this is possible with supertokens.

02/15/2023, 4:16 AM

You can override the create code function on the backend (which accepts an email), and normalise the email as per your liking before calling the original implementation.

sullof

02/15/2023, 4:36 AM

Oh, I didn’t think about that. Thanks. I will try that

sullof

02/19/2023, 12:18 AM

@rp I can't find the function to override. Can you point me to some documentation or to the function in the repo so I can deduct things going backwards from there? Thanks

02/19/2023, 5:07 AM

Im not sure which SDK and recipe you are using @sullof , but for nodejs and passwordless recipe, you should override the createCode function in the recipe interface (https://supertokens.com/docs/nodejs/modules/recipe_passwordless.html#RecipeInterface)

sullof

02/19/2023, 5:40 AM

Thanks a lot

3 Views

Previous Next