Hello everyone,
Some bugs were found recently in the package accounts-passwordless.
The main one was that the generated tokens were never expiring. Also, there wasn’t a way to provide the options loginTokenExpirationHours and tokenSequenceLength.
You can see the opened issues here and here, as well as the PR fixing the issues.
You can also check how to provide those options here.
If you’re using this package on your app, it’s extremely important that you update it.
You can do that just by running meteor update accounts-base accounts-passwordless.
Thanks.