@WatchandLearnTutorials do you cover email verification for signup anywhere in this tutorial? I was looking but unable to find it. This would be a fantastic addition to an already great resource!

Directus 10 is already undergoing validation.

Thanks 👍

How you created the file using keyboard shortcut?

@WatchandLearnTutorials

2 жыл бұрын

In PHPStorm I do cmd + up arrow, go to folder that I want to create a new file, and then do option+cmd+n (this is custom shortcut so probably you need to check that). And that is it.

I´m getting "You don't have permission to access this......FORBIDDEN" when creating a new user...any idea why this is the case.

@kabir52

10 ай бұрын

did you figure out how to resolve this?

Is role id exposed on your request on client ? if yes, is it not a security fail if an attacker discover admin role?

@WatchandLearnTutorials

2 жыл бұрын

But the attacker would not discover admin role, since we are not sending admin role, we are sending customer role. Which should be publicly available.

@gbfgtki

2 жыл бұрын

@@WatchandLearnTutorials if the user finds the id of the admin role in any way, you're fucked

@WatchandLearnTutorials

2 жыл бұрын

@@gbfgtki I tested this a bit, and you are right. But for someone to guess 36 character string would be pretty hard. Also if you really need to send admin role ID from the frontend, then you should save it to .env variable. But yeah, technically you are right and good catch, I think I will open up an issue on Directus Github Page and see what they say about it.

@ricardomarques748

6 ай бұрын

I was thinking the same. maybe that should be set in the server side