Actions - prevent login when email not verified

I would like to prevent login when user has an not verified email. I know you cannot show errors from rules / actions on the login page.
For my tenant I have several different applications, I would not like to implement this event handler in each of them, so I have an idea to

  1. build an independent webapp that will handle this event
  2. use actions after login

I did a simple action (for simplicity, I omit the topic of token generation and verification):

exports.onExecutePostLogin = async (event, api) => {
if (! event.user.email_verified) {
api.redirect.sendUserTo (“https://mywebapp_for_show_error.com”);
}
};
exports.onContinuePostLogin = async (event, api) => {
if (! event.user.email_verified) {
// Here I would like the login process to start again
}
}

How can I get the flow to check if the email is verified?

Hi @jakub.sztukowski

You are on the right track. I don’t understand your question, though.

Your app at mywebapp_for_show_error.com can either be a simple error page, or it can say “Please check your email and verify it, once you have done that click the continue button”. And the continue button returns to the login flow (via the /continue endpoint).

John

Hi, thank you for your response.
Yes after user click continue button, I can go back to login flow (/continue) but …sometimes users click the continue button without clicking in verify email . I would like redirect again to mywebapp_for_show_error.com becuse of event.user.email_verified is still false. I can;t do this beause at exports.onContinuePostLogin it doesn’t work. Is there any way to start login flow again?
Jakub

Hi @jakub.sztukowski

You cannot redirect a second time - each login flow is limited to a single redirect.

The easy answer is to fail the login with an unauthorized error, and tell the user to try again after they have verified their email.

The more user friendly but complex answer is to pull the user info before invoking the continue endpoint to make sure they have verified.

John