To provide a greater level of control to the type of verification required for your users, you can use this alternative higher-control method. This method requires you to write a custom Action to control the behavior of the Berbix integration Action.
First, create a custom Action by following the documentation on writing Actions. Once you've created your initial Action, you can write code to determine which users you want to provide a greater level of verification through the Berbix Action.
To do this, write a condition to trigger a higher level of verification. For example, you may want to trigger additional verification if the user is coming from an IP address that geolocates to a different country than their most recent login. When this condition triggers, set a berbix_template
value on the user's app metadata to the value of the Berbix template that you require the user to complete successfully.
Once the user has completed the verification process successfully with an "Accept" response from Berbix, the berbix_template
variable will be cleared from the app metadata automatically.
The example below provides scaffolding to demonstrate the flexibility and power of the Berbix Action:
/**
* This handler is constructed to require initial verification of all users upon initial
* login with the initialVerificationTemplate. On subsequent logins if the user logs in
* from an IP address that geolocates to a different country than their previous login,
* it asks the user to complete the newCountryReverificationTemplate.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
const lastLoginCountryCode = event.user.app_metadata.last_login_country_code;
const currentCountryCode = event.request.geoip.countryCode;
// If the Berbix template is already set, skip setting a template
if (!event.user.app_metadata.berbix_template) {
if (!lastLoginCountryCode) {
// This is the initial login for this user
api.user.setAppMetadata("berbix_template", initialVerificationTemplate);
} else if (lastLoginCountryCode !== currentCountryCode) {
// This user is returning from a different country from their previous attempt
api.user.setAppMetadata(
"berbix_template",
newCountryReverificationTemplate
);
}
}
api.user.setAppMetadata("last_login_country_code", currentCountryCode);
};