https://supertokens.com/ logo
Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Powered by
Title
s

sullof

02/14/2023, 9:18 PM
I would like to propose a new feature, that for as is paramount. If we use a 
passwordless
recipe, the user can spam the service creating different accounts just using, for example - newuser@gmail.com - new.user@gmail.com - newuser+two@gmail.com etc. Right now, we enforce that on our side and we clean any user's email removing aliases. It looks like we cannot tell SuperTokens to enforce that. It would be very good if SuperTokens adds an option to activate a restriction. An alternative solution would be if there is a hook, like 
preValidate
, that we can set up to make validation on the email. It would also solve the common use-case where the app can accept only users that have an email on a certain set of domains.
r

rp

02/15/2023, 4:15 AM
Hey @sullof this is possible with supertokens.
You can override the create code function on the backend (which accepts an email), and normalise the email as per your liking before calling the original implementation.
s

sullof

02/15/2023, 4:36 AM
Oh, I didn’t think about that. Thanks. I will try that
@rp I can't find the function to override. Can you point me to some documentation or to the function in the repo so I can deduct things going backwards from there? Thanks
r

rp

02/19/2023, 5:07 AM
Im not sure which SDK and recipe you are using @sullof , but for nodejs and passwordless recipe, you should override the createCode function in the recipe interface (https://supertokens.com/docs/nodejs/modules/recipe_passwordless.html#RecipeInterface)
s

sullof

02/19/2023, 5:40 AM
Thanks a lot
3 Views
#contributingJoin Discord
Powered by