Skip to content

verifyPassword endpoint should accept POST #7784

Open
@cbaker6

Description

@cbaker6

New Feature / Enhancement Checklist

Current Limitation

verifyPassword currently only accepts get. Most of the endpoints have been moved to accept POST, but not this one. When using GET with verifyPassword, it sends the username and password being verified allowing this data to be cached.

this.route('GET', '/verifyPassword', req => {
return this.handleVerifyPassword(req);
});

Feature / Enhancement Description

Use POST instead and SDK's should change to POST. I currently only found this being used in the JS SDK, though I have an implementation of it for the Swift SDK that I haven't merged yet. I don't plan on merging the Swift version with GET. Of course, it can also be accessed via REST.

Maybe get rid of GET here? Maybe it's needed for backwards compatibility? Just a thought...

Example Use Case

  1. User is logged in
  2. User attempts to verify their password. Hit the verifyPassword endpoint with a POST (instead of GET)

Alternatives / Workarounds

Use GET or don't use verifyPassword/

3rd Party References

Previous Issue #4052, PR: #4268

Metadata

Metadata

Assignees

No one assigned

    Labels

    type:featureNew feature or improvement of existing feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions