On behalf of a corporate client I am using auth0; added the required functionality by using post registration action, as recommended on your hooks page:
We recommend you to explore Actions, our newest
extensibility product now in General Availability.
Then my personal experience lead me to reading this post that this is a fire and forget architecture, and only the last component is functional.
Would it be possibly to remove the recommendation of actions on rule page until fire component works as well?
The post registration hook should work the same way as the post registration action. It is asyncronous to the rest of the Auth0 pipeline and should be treated with the same fire and forget expectations. Can you tell me more about your use-case so I can understand what is happening differently between the hook and action?
The use case is to obtain a unique posix user ID for registered users. The Actions were recommended, but somehow never fired when tested with database connection, the hooks did. As of now, I am rather short on time to verify this Action business for you…
Making things more complicated, I realised that when using socials the flow doesn’t go through hooks, so I reached for rules. Oh but the same script using aws-sdk doesn’t run under rules. Another few hours and two cups of coffee, it appeared that the aws-sdk@version are different, and probably the ones available under rules may not function properly (filed it under community bug)…
Currently I am working on an alternative solution, only 14hrs left in the time budget, so I am working on alternatives.
If you happened to know why this approach please let me know.
of course, there is a chance I overlooked something obvious, in that case sorry for the noise!
best wishes: steven
If you require this function to run for every user; social, database, or otherwise, then you will need to use a post login Action or a Rule.
I would suggest using an Action, as it is the successor to Rules and gives you access to a richer feature-set than Rules (versioning, full npm library, improved logging, etc.).
With that said, it is completely possible to achieve this with a Rule as well. Just be aware that rules have access to a limited set of npm modules and will be likely deprecated at some point in the future.
As for the execution, I would suggest using this type of flow with a post-login Action:
/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
//I am using aws-sdk@2.458.0 to stay consistent with your code, but you could use any version you prefer.
const AWS = require('aws-sdk');
exports.onExecutePostLogin = async (event, api) => {
//If the user has already been added to the DB, skip this action
if (event.user.app_metadata.addedToDynamoDB) {
return;
}
//Otherwise, perform the database operation
const db = new AWS.DynamoDB({
accessKeyId: event.secrets.AWS_KEY_ID,
secretAccessKey: event.secrets.AWS_SECRET,
region: event.secrets.AWS_REGION
});
try{
console.log("adding the user to DynamoDB");
const results = await db.listTables({}).promise();
//...add your call to add the user to DynamoDB
// Update the user's app metadata to indicate they have been added to the db
console.log("successfully added user to DynamoDB");
api.user.setAppMetadata("addedToDynamoDB", "true");
} catch (err) {
console.log(err)
}
};
Does that make sense? I wasn’t sure if you are trying to retrieve a user ID or add a user ID to dynamo, but you should be able to do either one. The important piece here is that you are using a flag in the user’s app_metadata to indicate the operation has been completed. This operation should only run on the first login (unless there is an error from AWS, then it will try again on the next login), and any future logins will skip this operation because of the flag.
var AWS = require("aws-sdk");
exports.onExecutePostLogin = async (event, api) => {
try{
console.log("adding the user to DynamoDB");
api.user.setAppMetadata("addedToDynamoDB", "true");
} catch (err) {
console.log(err)
}
};
Then from database connections clicked on Try Connection, used database login, filled in the login form, and had a confirmed login.
Check user record for app metadata: nothing, checked for logs, no trace action ever run.
It sounds like you need to deploy the action. Can you confirm you have saved the action and added it to the post login action flow and applied the settings?