CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-26 18:20:43 +12:00
Code Issues Projects Releases Wiki Activity

docs for magic urls

Browse source
This commit is contained in:
Damodar Lohani 2021-08-31 13:11:36 +05:45
parent d67c754dad
commit dfe8bc6d53
2 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
docs/references/account/create-magic-url-session.md Normal file
View file

@ -0,0 +1 @@
Sends the user an email with a secret key for login. When the user clicks the link he is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string params to submit a request to the [PUT /account/sessions/magic-url](/docs/client/account#accountUpdateMagicURLSession) endpoint to complete the login process. The login link sent to the user's email address is valid for 1 hour. If you are on mobile devices you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.

3
docs/references/account/update-magic-url-session.md Normal file
View file

@ -0,0 +1,3 @@
Use this endpoint to complete session creation with magic URL. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST /account/sessions/magic-url](/docs/client/account#accountCreateMagicURLSession) endpoint.
Please note that in order to avoid a [Redirect Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.