Possible to prevent duplicate emails from signing up?

IpexIbex · October 16, 2018, 7:59pm

I currently am testing out Auth0 for potential use in my app, which does not allow duplicate emails.
However, I noticed that Auth0 allows duplicate emails to be signed up through different providers (ie, Google OAuth can sign in a gmail account, and then that same gmail can sign up through the email/password function).

I was wondering if there is any way I can prevent Auth0 from allowing this to happen when a user tries to sign up (I do not want to link accounts - I prefer to not have to modify my existing backend to accommodate this).

Technically, I could have my own logic check for duplicate emails in my existing database when passport registers a successful login (and if I find an issue, immediately log out the user and tell them their email is in use), but that would still mean the Auth0 would essentially create a useless account. However, this would look strange taking into account login flow of the application, and I would much rather have the prompt of “email already in use” on the Lock screen itself.

markd · December 10, 2018, 10:56pm

You can use hooks or rules to do this. We have a pre-registration hook that checks new user usernames against a legacy database to prevent new users from grabbing a username in use by a user in the legacy database.

jaguevara1978 · April 23, 2019, 8:29am

I am having the same issue but don’t know how to implement that pre-reg hook. Can you, please, share your hook script? Thanks.

ramunas · April 24, 2019, 12:18pm

I am also looking for a pre-registration hook sample to check if email already exists in auth0 database.

markd · May 1, 2019, 4:23pm

Here is an example hook. It is LDAP specific but hopefully gives you an idea:

module.exports = function (user, context, callback) {
  var response = {};

  var ldap = require('ldapjs');
  var client = ldap.createClient({
    url: context.webtask.secrets.ldap_url
  });
  
  var username_exists = false;
  
  client.bind(context.webtask.secrets.ldap_service_account_dn, context.webtask.secrets.ldap_service_account_password, function(err) {
    if (err) {
      callback(new Error(err.code, err.description));
    }
    
    console.log('Requested username: ' + user.username);
    
    var opts = {
        filter: '(uid=' + user.username + ')',
        scope: 'sub',
        attributes: ['uid']
      };

    client.search(context.webtask.secrets.ldap_search_dn, opts, function(err, res) {
      if (err) {
        return callback(err);
      }
      res.on('searchEntry', function(entry) {
        console.log('User Found');
        username_exists = true;
      });
      res.on('error', function(err) {
        console.log(err);
        return callback(err);
      });
      res.on('end', function (err) {
        if (username_exists === false) {      
          console.log("Sign up OK");
          user.app_metadata = user.app_metadata || {};
          response.user = user;
          return callback(null, response);
        } else {
          console.log("Username already taken.");
          return callback(new Error("Please select a different username."));
        }
      });
    });
  });
};