-
Notifications
You must be signed in to change notification settings - Fork 117
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Creating more helpfull login errors #177
Comments
I agree! and in additional is needed to develop a way to introduce Globalization (Messages in different languages) or/and error codes, I'm working in a Spanish app using SuperLogin but the error messages are a headache. |
@peteruithoven I understand where you are coming from but seems at bit too hacker friendly, if you know what I mean. @ThonyFD for error code and i18n we started a conversation here #99 |
Because it would expose used usernames/emails? I understand that it would make it easier, but shouldn't the |
It will not make it infeasible. Only taking more time. You usually wanna avoid giving any information on failed login. Again, as a user, I totally understand. Went to many service where I don't remember with which provider I logged in. If something is done it should be configurable, if one wanna give more details from the server or not. |
We're noticing that failed logins attempts are a big source of confusion for users, especially when combining multiple providers (facebook, google, local).
Currently, when a user enters an invalid username/E-mail and/or password they simply get a "Invalid username or password" warning. We'd like to find a way to make that more helpfull.
Maybe check if an E-mail / login exists and check if the right provider is used.
Is there a way to do this with Superlogin?
The only way I can currently think of doing this is overring the login routes and adding some checks.
I could also partly do this client sided by using the
GET /validate-email/
route, but that wouldn't give me information about providers and if might get unexpected results with invalid emails.The text was updated successfully, but these errors were encountered: