For some of us who use social connections, the email is somehow not set to verified (e.g. twitter) when we use the built-in email verification action.
Therefore, I would like to donate my action code for email verification only when the connection type is auth0. This also ensures that every subsequent time an unverified user signs in, a new verification email is sent to that user.
/**
* Handler that will be called during the execution of a PostLogin flow.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
if(event.connection.strategy==='auth0'&&!event.user.email_verified){
if(event.stats.logins_count>1){
let ManagementClient=require('auth0').ManagementClient;
let management=new ManagementClient({
domain:'<your domain>',
clientId:'<your clientId>',
clientSecret:'<your clientSecret>'
});
management.jobs.verifyEmail({
user_id:event.user.user_id
});
}
api.access.deny('Please check your email '+event.user.email+' for a verification email and click on the verification link before logging in.');
}
};
/**
* Handler that will be invoked when this action is resuming after an external redirect. If your
* onExecutePostLogin function does not perform a redirect, this function can be safely ignored.
*
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
// exports.onContinuePostLogin = async (event, api) => {
// };