Prevent duplicate emails on sign-up
Hi folks! I'm looking for a way to prevent the client from allowing multiple sign-up emails to be sent if the previous token has not yet expired. Is there a way to detect
confirmation_sent_at client-side?
Alternatively am I overthinking this/is this good practice?
Possibly related but didn't help: https://discord.com/channels/839993398554656828/13830152682881679571 Reply
There are default rate-limits with supabase smtp. You can further customize the rate-limits if you use a custom SMTP. If you want full control over this, then you use send-email auth hook with a db function which will return the timestamp of the last token sent.
An additional step you can do is to use captchas in your app to prevent bots abusing your service