When inputting the OTP during sign-up after receiving it via email, every time I got redirected to a new link, causing an infinite loop. Before this, I used normal login with email and password and it worked okay. Is there another way to force email confirmation before user can sign up? I tried using actions, but because login seems to happen right after user registration, the if event.user.verified_email == false will execute each time. Thanks in advance for any help on the topic.
Hi @sara72,
You can use a Post-Login action script to deny users access until they have verified their email. Or, if you prefer, you can use a redirect to log the users out (/v2/logout endpoint) so that they have to provide their credentials again to log in.
For example:
exports.onExecutePostLogin = async (event, api) => {
if (!event.user. email_verified) {
api.access.deny(`Please verify your email address before continuing.`);
}
};
Or
exports.onExecutePostLogin = async (event, api) => {
if (!event.user. email_ver ) {
api.redirect.sendUserTo("https://YOUR_DOMAIN/v2/logout?redirectTo=LOGIN_PAGE_URL")
}
};
(Reference: Login Trigger)
If you continue having infinite loop issues, I recommend reviewing your Auth0 Logs to determine what events might be causing this problem.
Thanks,
Rueben