I’m brand new to Auth0. I followed along with the RBAC example and got most things working.
I enable passwordless so people can log in regardless of whether they have an existing account or not. How do I determine in the callback handler whether someone is a returning user vs a new one? Obviously I want to direct new users to the Profile settings page, existing users to the dashboard.
It’s a Create-react-app SPA. auth0-js is the only library I’m using at the moment for handling email/verification code. Once the user enters the correct code I want to customize the UI depending on whether they’re new or not. It seems for that I need to set a metadata flag in my Auth0 rule?
Thank you! Yep, that is correct. Basically, rules are the tool you need to use here, as they’re kinda scripts that are run upon successful login, and using metadata you will be able to track, let’s say, the state of your user, whether they’re new or existing.
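An added example (not code from this thread or from Auth0) of the rule-plus-callback flow discussed above. Instead of a stored metadata flag it uses the login counter that rules receive as `context.stats.loginsCount`; the namespace, the `is_new_user` claim name, the route paths and the `simulateLogin` helper are assumptions.

```javascript
// Added example. Assumed names: NAMESPACE, the "is_new_user" claim,
// the route paths and simulateLogin().
const NAMESPACE = 'https://example.com/'; // placeholder; custom claims need a namespaced name

// Rule body. In the Rules editor this is pasted as an anonymous
// function (user, context, callback); it is named here so it can be called.
function flagNewUser(user, context, callback) {
  // loginsCount is 1 on the first successful login, including the
  // passwordless login that creates the account.
  const loginsCount = (context.stats && context.stats.loginsCount) || 0;
  context.idToken = context.idToken || {};
  context.idToken[NAMESPACE + 'is_new_user'] = loginsCount <= 1;
  return callback(null, user, context);
}

// SPA side: after auth0-js parseHash() validates the response, pass
// authResult.idTokenPayload here to pick the landing page.
function landingRouteFor(idTokenPayload) {
  const claim = idTokenPayload && idTokenPayload[NAMESPACE + 'is_new_user'];
  // Only an explicit boolean true routes to onboarding; a missing or
  // malformed claim falls back to the dashboard.
  return claim === true ? '/profile' : '/dashboard';
}

// Constructed end-to-end run: rule output fed into the SPA routing helper.
function simulateLogin(loginsCount) {
  const user = { user_id: 'email|constructed-sample' }; // constructed value
  const context = { stats: { loginsCount: loginsCount }, idToken: {} };
  let payload = null;
  flagNewUser(user, context, function (err, u, ctx) {
    if (err) throw err;
    payload = ctx.idToken;
  });
  return landingRouteFor(payload);
}
```

The claim only steers the UI; anything the profile or dashboard pages load should still be authorized by the API on its own terms.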
Got it! Thanks for the quick response. Another huge hang-up I’m having is how to manage user sessions. I want to have the ability to “remember me for X days”. Are we supposed to roll our own, or is it part of some Auth0 JS library? Auth0 docs recommended against storing the session in localStorage due to XSS attacks. The suggested alternatives seem overkill for my use case. I need to store identifiable information somewhere. Can you please point me to a tutorial/docs?
It’s a tough one, unfortunately / fortunately for the security of your system. I probably don’t have anything other than the alternatives that seem to be overkill for your use case. We basically recommend forcing login again after max 3 days of inactivity from the user.