Is it possible to provide users the ability to automatic login after clicking on verify-email action?
Details: We have some SPA on Vue and verify-email end-point and for Verification Email (using Link) we using simple
Also, using the “Force email verification” rule
function emailVerified(user, context, callback) {
if (!user.email_verified) {
return callback(
new UnauthorizedError('Please verify your email before logging in.')
);
} else {
return callback(null, user, context);
}
}
So, the problem is user after clicking on the “Verify my email address” link should enter the email and password again…
Some part of routing redirections:
…
302 https://…auth0.com/u/email-verification?ticket=…#
server_redirect temporary …/verify-email?supportSignUp=true&supportForgotPassword=true&message=Your%20email%20was%20verified.%20You%20can%20continue%20using%20the%20application.&success=true&code=success#
200 https://...../verify-email?supportSignUp=true&supportForgotPassword=true&message=Your%20email%20was%20verified.%20You%20can%20continue%20using%20the%20application.&success=true&code=success#
....client_redirect javascript https://......auth0.com/authorize?client_id=...&audience=....&redirect_uri=https%3A%2F%2F....%2Flogin-callback&response_type=code&scope=openid%20profile%20email&response_mode=query&state=...&nonce=....&code_challenge=...&code_challenge_method=S256&auth0Client=...
302...
200 https://...auth0.com/login?state=...&client=...&protocol=oauth2&audience=....&redirect_uri=https%3A%2F%2F...%2Flogin-callback&response_type=code&scope=openid%20profile%20email&response_mode=query&nonce=...&code_challenge=...&code_challenge_method=S256&auth0Client=...
The main idea. The user already entered the email + password on the registration form. Got an email, clicked on verify email, and redirected on our SPA without entering email+password twice.
Thanks.
.