I am using universal login with a VueJS single page application. We need to force the users to reset their password the first time they login. I can see that we have a field last_password_reset which is set to true once a user resets their password.
I can also see that in post-login actions, we can deny login by using api.access.deny method. So, I wrote a very basic custom action like this
exports.onExecutePostLogin = async (event, api) => {
if (event.user.last_password_reset) {
return;
}
api.access.deny(`You need to reset your password. Click on the "Don't remember your password" link below to receive a password reset email`);
};
What I want to achieve is to show a flash message on the universal login lock.js screen when the access is denied. However, what happens right now is that I am redirected to my Vue js application with the error and error description as query parameters. Is there any way I can stop the lock.js page from redirecting the user to my application when access is denied with the post-login action? Or is there any better way of achieving what I am trying to achieve?