Registration of users without singupsources with access to a site #268
Comments
|
Hello @BetoFandino, Before we start thinking about how to fix this, we need to understand our use case for it. Why is it so important to allow multiple signup sources for users or have no signup source for users? Why do we need this? Which cases do we have, and how many cases do we have? |
|
I will paste the response here as I receive it in Spanish to have a record of it.
|
|
As requested a feature like this could be a gigantic security issue. I suggest we do not change this API in such a way. |
Description
We have seen some cases in which when you want to register a user through eox-core, if you do not have signupsource of the site where you want to register, it will tell you that the user is not found, causing the simple ecommerce to fail.
To solve it, we add several signupsource to the users, causing a failure in the password change by control.
Sometimes it also happens that customers use the apis and when they try to register a user they get user not found due to this problem. Therefore they go to create it and they get that the user already exists, which generates some confusion.
For these reasons we want to propose an improvement for the registration of users who do not have signupsource but are allowed to access the site.
The text was updated successfully, but these errors were encountered: