mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-15 21:31:24 -05:00
Feature Request: Whitelisting OTP Email whitelisting #179
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @jimmy-ck on GitHub (Mar 25, 2025).
Pangolin shows the user who is trying to insert a non-whitelisted email that the email is not whitelisted explicitly. This opens the door to try out multiple addresses and get a potential positive feedback if they are whitelisted or not.
I prefer Cloudflare's approach of just showing the user in general that OTP password has been sent but only actually sends the OTP in the background, if the address is whitelisted.
What do you think about that?
https://developers.cloudflare.com/cloudflare-one/identity/one-time-pin/
@oschwartz10612 commented on GitHub (Mar 25, 2025):
Interesting idea! I think we are going to move this to a discussion so others can upvote.