Hello everyone
I’m trying to implement a “magic link” or “one-time login link” functionality
I wonder what a secure way to implement it would be.
The obvious and most simple solution to me seems to be generating a long enough string and storing it in the database.
When the link is opened, the app will just check the value against the database, and verify that it has not expired based on the creation date
But, an alternative way is to use encryption. Seems beneficial because it does not involve the generation of long enough string? As we can encrypt only database identifier which leads to a record of when the login request was made (to check if not expired)
I appreciate any feedback or tips, thanks 