Skip to content

Instantly share code, notes, and snippets.

@arcseldon

arcseldon/noLoginForConnectionType.js

Created March 15, 2016 08:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save arcseldon/513965a010bde4e1583b to your computer and use it in GitHub Desktop.
Save arcseldon/513965a010bde4e1583b to your computer and use it in GitHub Desktop.
Download ZIP
Auth0 Rule sample - checking for connection type and login count.
Raw
noLoginForConnectionType.js
function noLoginForConnectionType(user, context, callback) {
user.app_metadata = user.app_metadata || {};
console.log('connection: ' + context.connection);
if (context.connection === 'google-oauth2'){
var cnt = context.stats.loginsCount;
console.log('user login count: ' + cnt);
if (cnt <= 1) {
console.log('Setting loginDisabled');
user.app_metadata.loginDisabled = true;
auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
.then(function () {
console.log('Updated app_metadata - sending back unauthorized');
return callback(new UnauthorizedError('Access denied.'));
})
.catch(function (err) {
console.log('Caught exception: ' + err);
return callback(err);
});
} else {
console.log('Checking whether loginDisabled...');
if (user.app_metadata.loginDisabled === true) {
console.log('loginDisabled is true - sending back unauthorized');
return callback(new UnauthorizedError('Access denied.'));
}
}
}
// just callback as normal
callback(null, user, context);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment