undefined | Better HN

0 pointsnickjj3y ago0 comments

> Magic Links mean that if there is any issue with any of the email servers in the chain (which there often are), my ability to log in to the website may be delayed by 10, 20, maybe even 30 minutes.

This same exact thing happens with a username and password driven site because almost all sites (rightfully) require you to confirm your account after sign up by clicking a link in your email.

0 comments

3 comments · 1 top-level

scrollaway3y ago· 2 in thread

With magic links it happens every single login. Confirmation email only needs to be done once per email. I thought this was obvious?

And most websites don’t require confirmation email to log in, they require it to unlock certain features.

nickjjOP3y ago

> With magic links it happens every single login. Confirmation email only needs to be done once per email. I thought this was obvious?

You don't have to do it on every single login. Check my previous reply's comment:

> I really don't understand why so many folks hate magic links. They solve a number of problems in a pretty reasonable way at the cost of having to wait 5 seconds for 1 email to verify your email at which point the site can set a cookie for a year and you don't have to deal with logging in by email for another year.

There's nothing "magic" about magic links and "remember me". You still read this information from a session and can optionally look up the details from an encrypted and signed cookie (or Redis / Memcached / whatever session back-end) with a user ID which then loads a user from your DB on the back-end. It's the same exact workflow as a user / pass strategy.

remram3y ago

"Logging in" typically refers to the situation where you don't have the cookie and need to get it. Having the cookie is typically referred to as "being logged in" already.

1 more reply

j / k navigate · click thread line to collapse