-
-
Save davidpmccormick/cf068bade1c0a656c5ab6667102cc2bf to your computer and use it in GitHub Desktop.
Auth0 post-login action
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const sendUserTo = 'http://localhost:3000/account/registration'; | |
const successUrl = 'http://localhost:3000/account'; | |
exports.onExecutePostLogin = async (event, api) => { | |
console.log(event); | |
// If the user has accepted the terms already, we don't need to do anything else | |
if (event.user.app_metadata.terms_and_conditions_accepted) return; | |
// Redirect the user to the full registration page | |
const sessionToken = api.redirect.encodeToken({ | |
secret: event.secrets.MY_SHARED_SECRET, | |
payload: { | |
iss: `https://${event.request.hostname}/`, | |
sub: event.client.client_id, | |
}, | |
}); | |
api.redirect.sendUserTo(sendUserTo, { | |
query: { | |
session_token: sessionToken, | |
redirect_uri: `https://${event.request.hostname}/continue` | |
}, | |
}); | |
}; | |
// Handler that will be invoked when this action is resuming after an external redirect. If your | |
// onExecutePostLogin function does not perform a redirect, this function can be safely ignored. | |
exports.onContinuePostLogin = async (event, api) => { | |
const payload = api.redirect.validateToken({ | |
secret: event.secrets.MY_SHARED_SECRET, | |
tokenParameterName: 'token', | |
}); | |
api.user.setUserMetadata('first_name', payload['https://wellcomecollection.org/first_name']); | |
api.user.setUserMetadata('last_name', payload['https://wellcomecollection.org/last_name']); | |
api.user.setAppMetadata('terms_and_conditions_accepted', payload['https://wellcomecollection.org/terms_agreed']); | |
api.redirect.sendUserTo(successUrl, {query: {success: 'true'}}) | |
}; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment