-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disabled users get token while signup #397
Comments
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Hello @im-what-im,
and then ran signed up a user:
As you can see there is no session coming back. Would you mind providing step by step instructions to reproduce? Thanks! |
While signing up with NEW_USER_DISABLED flag set to true, response is sent with a valid token.
While EMAIL_VERIFIED flag is honoured during the same, DISABLED flag is not.
However, when the user tries to re-login, a token does not get generated.
Similar to the handling of Email Verified flag, if Disabled flag is set, token should not be sent in response.
The text was updated successfully, but these errors were encountered: