Interface EmailVerificationWhitelist


  • public interface EmailVerificationWhitelist
    Simple whitelisting interface to enforce one-time use for email verification codes. Expectation is that prior to sending an email with a verification code, add(context, token) is called to add the token to a whitelist. When the token is consumed (through clicking a link in an email), validateAndRemove(context, token) is called to a) validate that the token is still valid (has not been used) and b) removes the token from the whitelist, thereby ensuring one-time use.

    Implementations may also implement their own expiry mechanisms as needed, but this not enforced via this interface.

    • Method Detail

      • add

        void add​(Context context,
                 String token)
        Add the token to the whitelist.
        Parameters:
        context - the request context of the process adding the token
        token - the token to whitelist
      • validateAndRemove

        boolean validateAndRemove​(Context context,
                                  String token)
        Check to see if the token is valid (still in whitelist) and remove it.
        Parameters:
        context - the request context of the process validating the token
        token - the token to validate
        Returns:
        whether the token is valid