Skip to content

Instantly share code, notes, and snippets.

@ericlevine

ericlevine/berbix-auth0-advanced.md Secret

Created December 14, 2021 05:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ericlevine/78c5b1a61c956046427cd4005a91923b to your computer and use it in GitHub Desktop.
Save ericlevine/78c5b1a61c956046427cd4005a91923b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
berbix-auth0-advanced.md

Berbix Action Advanced Usage

To provide a greater level of control to the type of verification required for your users, you can use this alternative higher-control method. This method requires you to write a custom Action to control the behavior of the Berbix integration Action.

First, create a custom Action by following the documentation on writing Actions. Once you've created your initial Action, you can write code to determine which users you want to provide a greater level of verification through the Berbix Action.

To do this, write a condition to trigger a higher level of verification. For example, you may want to trigger additional verification if the user is coming from an IP address that geolocates to a different country than their most recent login. When this condition triggers, set a berbix_template value on the user's app metadata to the value of the Berbix template that you require the user to complete successfully.

Once the user has completed the verification process successfully with an "Accept" response from Berbix, the berbix_template variable will be cleared from the app metadata automatically.

The example below provides scaffolding to demonstrate the flexibility and power of the Berbix Action:

/**
 * This handler is constructed to require initial verification of all users upon initial
 * login with the initialVerificationTemplate. On subsequent logins if the user logs in
 * from an IP address that geolocates to a different country than their previous login,
 * it asks the user to complete the newCountryReverificationTemplate.
 *
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const lastLoginCountryCode = event.user.app_metadata.last_login_country_code;
  const currentCountryCode = event.request.geoip.countryCode;

  // If the Berbix template is already set, skip setting a template
  if (!event.user.app_metadata.berbix_template) {
    if (!lastLoginCountryCode) {
      // This is the initial login for this user
      api.user.setAppMetadata("berbix_template", initialVerificationTemplate);
    } else if (lastLoginCountryCode !== currentCountryCode) {
      // This user is returning from a different country from their previous attempt
      api.user.setAppMetadata(
        "berbix_template",
        newCountryReverificationTemplate
      );
    }
  }

  api.user.setAppMetadata("last_login_country_code", currentCountryCode);
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment