Hi! I’m using the classic login experience with the NextJS-Auth0 library for our application. I am trying to set up a custom password reset screen that the callbackHandler forwards you to. I have this working through something like the following:
try {
await handleCallback(req, res);
} catch (error) {
if (error instanceof CallbackHandlerError) {
res.redirect(302, '/my/password/reset/page');
} else {
res.status(500).send('An error occurred on callback.');
}
}
This works, but the problem is that the user’s cookies are maintained. This means that if the user tries to reopen the browser, they will be stuck on this page. This isn’t awful for the password reset page, but I’m also trying to make this work for deactivated users as well.
I’ve been trying to use the existing logout endpoint; however, the issue is that it goes through handleCallback after the logout is processed, and at that point, the user’s cookies are still set from auth0.com. As a result, the user winds up back in handleCallback and gets redirected to the password reset page anyway.
Any thoughts?