Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authenticate via MagicLinks aka Passlinks #1466

Open
2 tasks done
loeffert opened this issue May 24, 2024 · 3 comments · May be fixed by #1467
Open
2 tasks done

Authenticate via MagicLinks aka Passlinks #1466

loeffert opened this issue May 24, 2024 · 3 comments · May be fixed by #1467
Labels
enhancement New feature or request

Comments

@loeffert
Copy link
Contributor

Checklist

  • I could not find a solution in the existing issues or docs.
  • I agree to follow this project's Code of Conduct.

Description

As an alternative to passcodes I want to be able to authenticate via a magic link or lets call it passlink. Authentication via a passlink involves sending a user a unique, time-sensitive link to their email address. When the user clicks this link, they are automatically logged into the application, eliminating the need for a traditional password or a passcode.

Describe your ideal solution

Implement a passlink authentication feature where users can request a login link to be sent to their registered email address. Upon clicking the link, users should be securely authenticated and logged into their account without needing to enter a password.

The link should be unique, time-sensitive, and expire after a set duration or after being used once, ensuring security and preventing unauthorised access. All of that should be configureable. Depending on the security needs you might want to configure if the link is only valid within the same browser / session or with different devices.

Additionally, there must be a backend mechanisms to handle link generation, email delivery and validation of the link upon user access.

Workarounds or alternatives

An alternative would be to implement API-supported auth flows which would allow to run magic link authentication as an external service.

Hanko Version

v0.11

Additional Context

No response

@loeffert loeffert added the enhancement New feature or request label May 24, 2024
@github-project-automation github-project-automation bot moved this to 🆕 New in Hanko May 24, 2024
loeffert added a commit to foomo/hanko that referenced this issue May 24, 2024
@loeffert loeffert linked a pull request May 24, 2024 that will close this issue
@Sundaram-rathor
Copy link

/assign

1 similar comment
@runningpoem30
Copy link

/assign

Copy link

oss-gg bot commented Oct 13, 2024

This issue is not part of oss.gg hackathon. Please pick a different one or start with a side quest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
Status: 🆕 New
Development

Successfully merging a pull request may close this issue.

3 participants