Y
Hacker News
new
|
ask
|
show
|
jobs
by
xx_ns
313 days ago
And we get back to the original point of the article (sort of). Opening a magic link should authenticate the user who opened the magic link, not the attacker who made the application send the magic link.