Magic Link expiration more than 24 hours

Hello everyone,

I would like to send a Magic link but with a link expiration more than 24 hours.

I found this method :

But I did not get it, it does not work on my side.

Some of you have achieved to make a magic link more than 24 hours ?
If yes, how did you do it ? Could you explain me the process?

OR, do you know another method to allow the user to go directly inside his/her account when he clicks on the link received by email?

Thank you so much

Hi I did something like this on one of my project. But it’s kind of a security breach for your app that can be hacked by brute force.

We did as follow:

  1. Create a page with a workflow on load that trigger an API connector / backend workflow to regenerate a magic link based on a user unique id in the URL parameters
  2. This workflow was a backend workflow we used in the API connector so we can get the response (the magic link URL)
  3. Then we just wait X sec then redirect to the response URL
  4. Bubble did the rest. And the user was connected

But I highly recommend to not use this kind of technique. Because like I said in the beginning, there is some kind of security breach there.

Hello,

Did you do the same process that @yusaney1 proposes on the post below ?
Magic link with >24 hour expiration? - #11 by Steve_W

Because on my side, it did not work.

I will ask for the security breach with my partner,

thank you.

Yes kinda.
But I remember struggling on 2 stupid things

  • about the url of the POST call in the API connector. Check that your URL is not the version-test one.
  • And when redirecting I did a find and replace to the link because I obtained a [domain].bubbleapps.io link when I needed a [subdomain].[domain].com link
1 Like

Thank you so much :slight_smile:

I am kind of afraid about Hacking so maybe we will forget it.

I have a question :
Do you think it is possible to send an email (Via Sendgrid) to the User,
He.she clicks on a link to go on the app and we ask him to fill out :

  • identification
  • Password

To connect on his/her account.

BUT:
Is it possible to fill the identification with th email directly ? So the User writes onlyt the password ?

Thank you

Yes absolutely possible if you pass a parameter in the link of your email to find the the right user’s email/id.
2 + 1 options:

  • have bubble users unique id available in sendgrid to customize dinamically the link with it and then in the bubble landing page search Users where unique id = URL parameter’sid:first item email to populate the identification input
  • same technique but pass directly the email as parameter. But it’s a little bit less secure than the first option. Because someone can try to find your user’s email by testing different value in this parameter.

This topic was automatically closed after 70 days. New replies are no longer allowed.