Magic Links
Magic links are secure, time-sensitive URLs that enable passwordless authentication. When users request access, they receive a link via email that logs them in upon clicking. This eliminates the need for passwords, enhancing security and simplifying the user experience.
You can see the implementation below
https://github.com/madewithnovel/novel/blob/main/app/auth/passwordless.ts
https://github.com/madewithnovel/novel/blob/main/app/api/internal/v1/auth-passwordless/index.ts
You can create a different Magic Links flow by following this guide
Confugration
You will need to set up the after_login
setting if you have changed the default page structure in Novel Web.
If you changed /web/app/(app)/dashboard
to /web/app/(app)/apps
for example, you will need to change the configuration in /config/auth.js
.
/**
* Override the redirects here with the custom pages that you have so you can reference
* them easily in your server code.
*/
routes: {
login: '/login',
mfa: '/login/mfa',
forget: '/login/forget',
link: '/login/link',
verify: '/mail/verify',
signup: '/signup',
logout: '/logout',
},
API
You can use /auth/passwordless
to perform a Magic Link flow.
Authenticate by strategy available to the application.
POST /auth/{strategy} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 44
{
"email": "[email protected]",
"password": "text"
}
{
"redirect_to": "text"
}
Authenticate by passwordless strategy available to the application.
Authentication successful. Redirecting to next step...
GET /auth/passwordless/verify HTTP/1.1
Host:
Accept: */*
Authentication successful. Redirecting to next step...
No content
Changelog
2024-12-20 - Initial Documentation
Last updated
Was this helpful?