[Solved] Update email if logged in by Magic URL

I have 2 types of login with Phone and Magic URL I want to allow people to login via phone and add email also later on so that they can login via magic url too if they want to but a password is required to update the email is there any other way to update the email without using the password with the client sdk.

Hi

Unfortunately, seems like it is required rn and not optional

Just pass any value. It doesn't matter what is passed if they don't have a password.

But if I create a password for them won't that be a security issue because then to update the phone ever again I have to save the password and put it there again and for adddtional email edits too

I'm not sure what you mean. If they don't have a password, it won't set a password. The password you pass in will be ignored

Okay I did not knew that it will not set it thanks

I thought IF I set something then I need to save it in the DB and pass it on furter changes in email and phone

Actually sorry, I was wrong. The password that's passed in will actually set. so your UI can show something to say if you don't have a password, this will set the password

I think we wanted to change this so that it wouldnt update the password, but that would be a breaking change 😕

But showing that won't make sense as I use magic url and phone, both don't use password so that won't make any sense

Can you tell me if someone can log in via password if I disable email/password option

If I set it myself it is not a security issue just making sure

No they can't

Maybe use an Appwrite Function and server sdk then

Thanks for your help I will use a function then

Should i raise a feature request on github for this?

You can

[Solved] Update email if logged in by Magic URL