I created an event on page load that,
if the user is logged out
and the URL contains an access pin param,
I search for a user with that code,
assign a temp password for him
and logs him in.
All looks good on the debugger, except that at the end, it doesn’t log me in—no errors or so.
Any ideas will be appreciated.
I do a very similar process. I do a search for the user in the DB:
And then assign a temp password:
Is your workflow the same? If not, make your app Read Only and send on the link to review.
I do exactly the same, except one thing, I do a search for the email (by the unique code I got on the url).
That is probably the problem:
This action logs an existing user in with an email and password. The user must have already signed up for this action to proceed. When successful, this action triggers the event ‘The current user is logged in.’
I found a solution by passing the password and email, on the URL params but additionally, I pass a random uuid which I generate before sending the link and it expires a few minutes after it was generated, both from the API, and after login in, it also replaces it by bubble. I can also generate a newrandom email each time for more security.
So to summarize, it’s a one-time link, sent to your telegram bot where it creates a user and then each time generates a one-time password and logs you in automatically.
This topic was automatically closed after 70 days. New replies are no longer allowed.