Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is a really cool idea.

So they basically go to their email and verify and it stores a token in their cookies?



Exactly.

They login by just providing their email. It sens a link with a unique code in it. This code is checked against the DB and if it's correct, they get a cookie (the digital kind ;])


Beware of setups that verify (i.e. visit) all links in an email upon receiving one. This completely breaks one-time use login links.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: