
Passwordless login with phoenix - jaxondu
http://inaka.net/blog/2016/07/27/passwordless-login-with-phoenix/
======
juandazapata
While the example explains the approach, this is susceptible to a brute force
attack where you just try different tokens until they work.

To further improve the security, the author shold include the `userId` in the
magic URL and make sure it matches with the `token`. Some sort of rate
limiting could work as well.

