Post Registration Hook not firing for social connection user.

I have a Post Registration Hook that puts the new user’s info into firebase. This works fine on a username/password user, but the hook doesn’t seem to be firing at all when the user is initially created via logging in with Facebook - even though the user gets created in Auth0 just fine.

is this normal behavior for Hooks? Do they not fire for social connections?

2 Likes

I just found this bug too! I was wondering the same thing!

Thanks for posting this. It’s not running for mine either when posting to an authorized API.

My temp solution until Hooks are ready for prime time, is to use a rule instead and set a app_metadata value when it runs, detecting for that value each time, to know if a user signed up already.

user.app_metadata = user.app_metadata || {};
  if (user.app_metadata.signedup) {
    return done(null,user,context);
  }

And then in the callback fro your API, after your API has been successful:

user.app_metadata.signedup = true;
auth0.users.updateAppMetadata(user.user_id, user.app_metadata);

This emulates the “post registration” hook in a way, and Rules do run for Social Connections. @sandy

Hooks only run for Database Connections, as outlined in the docs. You can use Rules instead - @adampmoore’s answer is a great example.

I see that Hooks only work for Database Connections, but since an Auth0 user was being created when logging in via social I assumed that was “adding a user to the database” - It appears a user can be in the list but not in the database I guess.

Hopefully Post Registration hook can be added to social logins, because for doing things like creating the user via API on registration, makes the hook pointless unless you only allow username/password logins.

4 Likes

Thanks for your feedback, I have passed on this suggestion to the Hooks team to evaluate.

I agree. If the web hook doesn’t fire for social logins when registering a new account, then that just made social logins pointless for me. I wanted to be able to offer Social Logins + Username/Password but if the web hook doesn’t fire – then social logins isn’t an option for us. =(

1 Like

Yeah, I don’t think this will work for me. I’m not needing to add metadata. I’m needing to do a POST request as soon as the user finishes registering a new account.

So, the very first time a user logs (when they register) they don’t have the signedup metadata at all, the rule runs and that first line detects to see if metadata.signedup is true - if it is, then the rule returns and doesn’t continue - this is what would happen for all returning users. If it isn’t, then it continues on… this is where you put your API call and whatever you want to execute only on a user’s first login. Then after all that when your API call has finished, you then set that user’s metadata.signedup to be true so that the rule does not run any time afterward.

It doesn’t make Social logins pointless, it makes Hooks pointless if using Social logins. It’s unfortunate indeed, but this Post Registration Hook trigger can be replicated with Rules for now.

4 Likes

Are you creating an empty rule to add this into?

1 Like

Here’s my complete example for using a RULE and for first time logins (initial signups) creating a record in Firebase:

function (user, context, callback) {
  
  user.app_metadata = user.app_metadata || {};

  if (user.app_metadata.signedup) {
    return callback(null,user,context);
  }
  
  var request = require('request@2.56.0');
  
  var baseURL = FIREBASE.URL;
  var fbsecret = FIREBASE.SECRET;
  var fbIdentity = {};
  
  if (context.connection === 'facebook') {
  
   fbIdentity = {
    "identity": {
      "email": user.email,
      "name": user.name,
      "provider": context.connection
    }
   };
      
  } else {
    
   fbIdentity = {
    "identity": {
      "email": user.email,
      "name": user.user_metadata.fullname,
      "provider": context.connection
    }
   };
         
  }
    
  var putURL = baseURL + "/accounts/" + user.user_id + ".json?auth=" + fbsecret;
  
  request.put({
    "url": putURL,
    "json": fbIdentity
  },
  function(err, response, body) {
    if (err) return callback(err);
    
    user.app_metadata.signedup = true;
    auth0.users.updateAppMetadata(user.user_id, user.app_metadata);
    
    return callback(null, user, context);
  });
  
}

I posted the whole thing below, I’m sending data via Firebase API, so just replace the Firebase stuff with your API needs… you can see I’m also changing the data depending on if it was a facebook connection because the name comes from different place. Because of the user_metadata.signedup stuff, that’s how this Rule only runs for initial signups, just like the Pst Reg Hook. I would prefer using Hooks instead, because the editor is way better, but oh well, Hooks are new and not ready for Prime Time.

Thanks! Where are you storing FIREBASE.URL at?

That’s another problem with Rules compared to Hooks, with Hooks you can store secret keys with the hook so it’s not in the code, with Rules, as far as I know you have to just put it right in the rule itself, I don’t like that for API keys but it is what it is… I just removed those values here for submitting to forum.

Oh I see!

I knew with Hooks there is a gear icon where you can store passwords and secret keys. But, I wasn’t sure if there was something similar for Rules.

I understand now. =) Thank you again for all of your help. I’m going to test this out and see if I can get this to work.

I agree that I would rather this all be done via the web hook but I have noticed that when I’m writing code in the web hook – that there seems to be a lag – like if I type too fast for example – it sometimes freezes up some. I haven’t found that issue when typing in rules.

Do you know what the _id field is for facebook social logins?

I am needing to use a UNIQUE ID field for all my accounts. For username/password (database), I used the user.id but this is undefined for Facebook accounts. Any ideas?

I’m assuming the _id would be unique but I’m uncertain if this _id is the same thing as the id field for database accounts.

In rules you can store the URL in configuration object at https://manage.auth0.com/#/rules cc @sandy

This is a bit worrying as the doc also outlines that Hooks will eventually replace Rules, but apparently can’t reproduce all of their features (maybe it’s in the pipeline for later ?)

1 Like

Note that Hooks is still a beta feature. It will undergo several updates and changes before it is considered a full fledged feature of Auth0. As @adampmoore mentioned, Rules can be used in the interim to cover use cases not currently supported by Hooks. The Hooks documentation will be updates as we roll out new features - I suggest keeping an eye on them.