Handling Rate Limit Issue When Fetching All User Invitations

Hi everyone, I need to implement a flow where, if a user is invited to an organization but logs in via Google without using the invitation link, the system should find all invitations for that user and automatically redirect them to the relevant invitation.

I’ve already implemented a ‘User Has Invitation’ Action for this purpose, but I’m encountering a rate limit issue when trying to fetch organization invitations using Promise.all. Any suggestions on how to handle this more efficiently?

/**
 * Handler that will be called during the execution of a PostLogin flow.
 *
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
 */
exports.onExecutePostLogin = async (event, api) => {
  const { ManagementClient } = require('auth0');

  // Initialize Auth0 Management Client
  const auth0 = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret,
  });

  // Extract user and connection information from the event
  const user = event.user;
  const connection = event.connection;

  // Check if the connection is Google OAuth2 or if the user is already approved, if so, proceed to the next action
  if (connection.name !== 'google-oauth2' || (user.user_metadata && user.user_metadata.approved)) {
    return;
  }

  // Fetch all organizations and invitations for the user
  const organizations = await auth0.organizations.getAll();
  const orgIds = organizations.map(org => org.id);
  const invitations = await Promise.all(orgIds.map(id => auth0.organizations.getInvitations({ id })));
  const invitationForUser = invitations.flatMap(i => i).find(i => i.invitee.email === user.email);

  // Check if there's no invitation for the user, if so, proceed to the next action
  if (!invitationForUser) {
    console.log(`No invitation found for user: ${user.email}`);
    return;
  }

  // Check if the user was invited by a different connection than the one they're currently logged in with, if so, proceed to the next action
  if (connection.id !== invitationForUser.connection_id) {
    console.log(`User was invited by another connection: ${invitationForUser.connection_id}. Proceeding to the next action.`);
    return;
  }

  /*
   * This approach simplifies the process by redirecting users to a non-secure localhost URL if they attempt to access a secure localhost URL.
   * It begins by defining both a secure and non-secure localhost URL.
   * If the invitation URL starts with the secure localhost URL, it redirects the user to the corresponding non-secure localhost URL.
   * Otherwise, it redirects the user to the original invitation URL.
   */
  api.redirect.sendUserTo(invitationForUser.invitation_url);
};

Hi @kostetskyroma,

If you have too many organizations, the requests might be made way too fast for the API and they will rate limit you. I am not sure what would be the best way of implementing the functionality you’re describing. Since your code expects users to only have one pending invitation, you could try inserting the invitation URL into their user_metadata and redirecting them there on login.

Have a good one,
Vlad
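
An added example, not part of the original posts and not Auth0's own code: one way to replace the unbounded Promise.all fan-out from the question with a bounded scan that backs off on rate-limit responses and stops once a match is found. The names `withRetry`, `findInvitationForEmail` and `makeFakeFetcher` are hypothetical, and it assumes a rate-limited call rejects with an error whose `statusCode` is 429; the case-insensitive email comparison is also an assumption.

```javascript
// Added example; all names here are hypothetical, not Auth0 SDK identifiers.
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Retry one call on HTTP 429 with exponential backoff. Assumes the rejected
// error exposes the HTTP status as `statusCode`.
async function withRetry(fn, { retries = 4, baseDelayMs = 500 } = {}) {
  for (let attempt = 0; ; attempt++) {
    try {
      return await fn();
    } catch (err) {
      if (err.statusCode !== 429 || attempt >= retries) throw err;
      await sleep(baseDelayMs * 2 ** attempt);
    }
  }
}

// Scan organizations with at most `concurrency` requests in flight and stop
// issuing new ones once an invitation for `email` is found.
async function findInvitationForEmail(orgIds, fetchInvitations, email, opts = {}) {
  const { concurrency = 2 } = opts;
  const wanted = email.toLowerCase();
  let next = 0, found = null;
  async function worker() {
    while (found === null && next < orgIds.length) {
      const id = orgIds[next++];
      const invitations = await withRetry(() => fetchInvitations(id), opts);
      const match = invitations.find((i) => i.invitee.email.toLowerCase() === wanted);
      if (match && found === null) found = match;
    }
  }
  await Promise.all(Array.from({ length: Math.min(concurrency, orgIds.length) }, worker));
  return found;
}

// Constructed stand-in for the Management API: the first call for each
// organization is rejected with 429, the retry returns that org's invitations.
function makeFakeFetcher(invitationsByOrg) {
  const seen = new Set();
  const fetcher = async (id) => {
    fetcher.calls++;
    if (!seen.has(id)) {
      seen.add(id);
      throw Object.assign(new Error('Too Many Requests'), { statusCode: 429 });
    }
    return invitationsByOrg[id] || [];
  };
  fetcher.calls = 0;
  return fetcher;
}
```

In the Action from the question, `fetchInvitations` would wrap the call already used there, `(id) => auth0.organizations.getInvitations({ id })`. Because the match decides which organization invitation a login is sent to, it is worth running it only when `event.user.email_verified` is true.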

Hi @vlad.murarasu,

Hmm, I don’t think your solution will work in my case, because the user hasn’t been created yet - they’re trying to log in with Google for the first time.

So I think the only viable solution is to implement a method like getInvitationsByUserEmail().

Any other ideas?
