Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
> Microsoft scans to check the website contains malware. IMHO the security blunder is a self-implemented magic link.
It's not self-implemented, you can check it out here: https://github.com/supabase/gotrue
> Not password protected if the password is part of the URL.
It's a token that's valid for a couple of minutes – just like a password reset token. Indeed, in the given implementation, it's the very same as the password reset token. If you consider this implementation as "not password protected", any website with a password reset functionality is "not password protected".
Related posts
- T3 Stack Template : Supabase (w/ Auth + DB) and Shadcn-UI Basic Setup
- How do you implement authentication with nextjs frontend and golang backend?
- Securing a nextjs api with supabase auth
- Junior dev. Struggling to understand how the out-of-box Auth component works.
- Open Source alternative to Firebase Auth