Magic Link expiration more than 24 hours

Hello everyone,

I would like to send a Magic link but with a link expiration more than 24 hours.

I found this method :

But I did not get it, it does not work on my side.

Some of you have achieved to make a magic link more than 24 hours ?
If yes, how did you do it ? Could you explain me the process?

OR, do you know another method to allow the user to go directly inside his/her account when he clicks on the link received by email?

Thank you so much

Hi I did something like this on one of my project. But it’s kind of a security breach for your app that can be hacked by brute force.

We did as follow:

  1. Create a page with a workflow on load that trigger an API connector / backend workflow to regenerate a magic link based on a user unique id in the URL parameters
  2. This workflow was a backend workflow we used in the API connector so we can get the response (the magic link URL)
  3. Then we just wait X sec then redirect to the response URL
  4. Bubble did the rest. And the user was connected

But I highly recommend to not use this kind of technique. Because like I said in the beginning, there is some kind of security breach there.

Hello,

Did you do the same process that @yusaney1 proposes on the post below ?
Magic link with >24 hour expiration? - #11 by Steve_W

Because on my side, it did not work.

I will ask for the security breach with my partner,

thank you.

Yes kinda.
But I remember struggling on 2 stupid things

  • about the url of the POST call in the API connector. Check that your URL is not the version-test one.
  • And when redirecting I did a find and replace to the link because I obtained a [domain].bubbleapps.io link when I needed a [subdomain].[domain].com link
1 Like

Thank you so much :slight_smile:

I am kind of afraid about Hacking so maybe we will forget it.

I have a question :
Do you think it is possible to send an email (Via Sendgrid) to the User,
He.she clicks on a link to go on the app and we ask him to fill out :

  • identification
  • Password

To connect on his/her account.

BUT:
Is it possible to fill the identification with th email directly ? So the User writes onlyt the password ?

Thank you

Yes absolutely possible if you pass a parameter in the link of your email to find the the right user’s email/id.
2 + 1 options:

  • have bubble users unique id available in sendgrid to customize dinamically the link with it and then in the bubble landing page search Users where unique id = URL parameter’sid:first item email to populate the identification input
  • same technique but pass directly the email as parameter. But it’s a little bit less secure than the first option. Because someone can try to find your user’s email by testing different value in this parameter.