Authenticate via MagicLinks aka Passlinks

[loeffert]

Checklist

• I could not find a solution in the existing issues or docs.
• I agree to follow this project's Code of Conduct.

Description

As an alternative to passcodes I want to be able to authenticate via a magic link or lets call it passlink. Authentication via a passlink involves sending a user a unique, time-sensitive link to their email address. When the user clicks this link, they are automatically logged into the application, eliminating the need for a traditional password or a passcode.

Describe your ideal solution

Implement a passlink authentication feature where users can request a login link to be sent to their registered email address. Upon clicking the link, users should be securely authenticated and logged into their account without needing to enter a password.

The link should be unique, time-sensitive, and expire after a set duration or after being used once, ensuring security and preventing unauthorised access. All of that should be configureable. Depending on the security needs you might want to configure if the link is only valid within the same browser / session or with different devices.

Additionally, there must be a backend mechanisms to handle link generation, email delivery and validation of the link upon user access.

Workarounds or alternatives

An alternative would be to implement API-supported auth flows which would allow to run magic link authentication as an external service.

Hanko Version

v0.11

Additional Context

No response