Emailpassword Recipe
Auth recipe
Emailpassword recipe is responsible for enabling password based authentication for users.
Password is hashed and stored in the database. And when verifying the password is verified using the hash. Core supports standard BCRYPT and ARGON2 algorithms for hashing.
Password hashing algorithm can be configured using the core config file. None of them can be customized per tenant, hence, all the CUDs, apps and tenants share the same hashing algorithm.
During SignUp, if fake email id (emails ending with @stfakeemail.supertokens.com or .fakeemail.com), the email is automatically marked as verified since there would be no way to send emails to those fake ids.
This recipe also provides constructs for password reset.
password_reset_token_lifetime core config determines the validity of the password reset token.
Note that password reset token can be generated for non-existant users by just using the email. This is to enable a use case in SDK where a new user will be created on password reset, and, if using account linking, will link to other accounts with same email.
Apart from these, Emailpassword recipe also provides function to update email or password of existing recipe user.