Skip to content

Passwordless Magic Link Login #155

Description

@roshankumar0036singh

Problem Statement

Users suffer from password fatigue, leading to forgotten passwords and friction during the login process.

Technical Approach

Create new /api/auth/magic-link/request and /api/auth/magic-link/verify endpoints. Store a highly secure, short-lived (e.g., 15m) token in Redis and email it as a clickable link.

Acceptance Criteria

  • Users can authenticate purely via email.
  • Magic links are single-use and expire after 15 minutes.
  • Rate limiting is strictly enforced on the request endpoint.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions