Code donation for action that ensures email is verified only for auth0 connections

For some of us who use social connections, the email is somehow not set to verified (e.g. twitter) when we use the built-in email verification action.

Therefore, I would like to donate my action code for email verification only when the connection type is auth0. This also ensures that every subsequent time an unverified user signs in, a new verification email is sent to that user.

/**
* Handler that will be called during the execution of a PostLogin flow.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
  if(event.connection.strategy==='auth0'&&!event.user.email_verified){
    if(event.stats.logins_count>1){
      let ManagementClient=require('auth0').ManagementClient;
      let management=new ManagementClient({
        domain:'<your domain>',
        clientId:'<your clientId>',
        clientSecret:'<your clientSecret>'
      });
      management.jobs.verifyEmail({
         user_id:event.user.user_id
      });
    }
    api.access.deny('Please check your email '+event.user.email+' for a verification email and click on the verification link before logging in.');
  }
};


/**
* Handler that will be invoked when this action is resuming after an external redirect. If your
* onExecutePostLogin function does not perform a redirect, this function can be safely ignored.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
// exports.onContinuePostLogin = async (event, api) => {
// };
1 Like

Hi @customautosys,

Thank you for sharing your solution with the community.