[CLOSED] How to validate the user email in the appwrite auth database before password recovery?
- 0
- Web

I'm using Appwrite's straightforward authentication system, but I need a method to confirm that the email address provided during password reset is valid and exists in the Appwrite authentication database. This validation should occur without requiring the user to be logged in, as the getAccount and listIdentities methods are only accessible to logged-in users.

The first solution that popped into my head is creating a function for it

Isn't there any function present in the appwrite SDK for this ?

That I do not know. I use appwrite for my hobby projects which honestly have been abandoned for a while now because of work

oh okay @Ernest

There is not function to do this, normally you should avoid it as it can leak information from your database. An attacker can have a list of emails and check if some of them are in your server, as you will tell which one exist in your server, then they just have to try with a list of passwords

I understand your point, but sending the password recovery link to invalid or non-existent email addresses is exactly what I'm trying to avoid. In such cases, I simply want to display a message indicating that the email address is invalid. Is there another way to handle this situation?

If the email isn't valid, it won't be sent because the server check if there is an account associated to that email before send it. There is no way to check an email with the current API, maybe you can open an issue on github to get a more detailed discussion about this topic

[CLOSED] How to validate the user email in the appwrite auth database before password recovery?
Recommended threads
- Is my approach for deleting registered u...
A few weeks ago, I was advised not to use the registered users' id in my web app. Instead, I store the publicly viewable information such as username and email ...
- Stuck in "deleting"
my parent element have relationship that doesnt exist and its stuck in "deleting", i cant delete it gives me error: Collection with the requested ID could not b...
- Help with 409 Error on Relationship Setu...
I ran into a 409 document_already_exists issue. with AppWrite so I tried to debug. Here's what I've set up: Collection A has 3 attributes and a two-way 1-to-m...
