[CLOSED] How to validate the user email in the appwrite auth database before password recovery?

I'm using Appwrite's straightforward authentication system, but I need a method to confirm that the email address provided during password reset is valid and exists in the Appwrite authentication database. This validation should occur without requiring the user to be logged in, as the getAccount and listIdentities methods are only accessible to logged-in users.

TL;DR

The user wants to validate the user email in the Appwrite auth database before password recovery. There is no built-in function for this in the Appwrite API, but the user can request a discussion on GitHub for more details. Checking the email in the database is not recommended as it can leak information. The user suggests creating a custom function for email validation.

The first solution that popped into my head is creating a function for it

Isn't there any function present in the appwrite SDK for this ?

That I do not know. I use appwrite for my hobby projects which honestly have been abandoned for a while now because of work

oh okay @Ernest

There is not function to do this, normally you should avoid it as it can leak information from your database. An attacker can have a list of emails and check if some of them are in your server, as you will tell which one exist in your server, then they just have to try with a list of passwords

I understand your point, but sending the password recovery link to invalid or non-existent email addresses is exactly what I'm trying to avoid. In such cases, I simply want to display a message indicating that the email address is invalid. Is there another way to handle this situation?

If the email isn't valid, it won't be sent because the server check if there is an account associated to that email before send it. There is no way to check an email with the current API, maybe you can open an issue on github to get a more detailed discussion about this topic