5

Literally facepalm when seeing my company coding used Email as an identity to retrieve profile data etc. Yet the profile is allow user to interchange their email.

What is this kind sorcery is this? Why don't just plainly use the UID to retrieve profile instead, as simple as that. Is UNIQUE!!!

😒😒😒 F

Comments
  • 0
    Whats the problem? The profile will be associated to the new email so info will never be lost, maybe I’m lacking context.
  • 1
    @eptsousa I suspect maybe one of the concerns might be that email is a user defined type thing and mix-ups or even impersonation might happen.

    Granted you should have protections against that but still just getting user data that way might allow for corner cases and etc?

    Just a guess.
  • 1
    @N00bPancakes fair enough, still as you said most likely a corner case.
  • 1
    @eptsousa IMO ids should be unique and not mutable, so nothing user can change on their own.
  • 1
    @sladuled agree on that, I would always use an internal reference, it just made me think why using email would be a problem, but as the previous comment said there may be some weird corner cases and impersonation problems.
Add Comment