I’m using an Auth0 login flow in my application, where access is restricted based on a hardcoded list of email addresses. However, this list of emails is quickly becoming long and difficult to manage. Google Sheet would be easier to manage my list of email addresses, but I’m unsure how I could integrate it into the code I have below.
exports.onExecutePostLogin = async (event, api) => {
// List of allowed email addresses
const allowedEmails = [
"email1@example.com",
"email2@example.com",
// More emails here
];
// Check if the user's email is in the allowed list
if (event.user && event.user.email && allowedEmails.includes(event.user.email)) {
// Actions for authorized users
} else {
// Deny access for others
api.access.deny(`Access to ${event.client.name} is not allowed.`);
}
};
How can I modify this script to read the list of allowed email addresses from a Google Sheet instead of having them hardcoded within this script. Or are there other alternatives I could use? My client side app uses the single page app SDK.
Thank you for posting your question; currently, there’s no plug-and-play option to integrate Auth0 Action with Google Sheet easily; this would include preparing the sheet itself, setting up a serverless proxy that would act as a bridge between your action and Google Sheet, and based on that the script itself you would need to find an email address in the list which also takes time. It is possible but can lead to an unpleasant user experience with a long loading time.
I encourage you to use the user metadata for that purpose or role. During signup, all users will have the selected method set to false, and you can send the API request to update the information, allowing the user to gain access to the application. To check if this is the first user login, you can use event.stats.logins_count
I’m not sure that workflow will work in my case. We don’t want users signing up. Our app is only using Google as the login. When I go to make a user in the user management console, it requires a user name and password.