Hello,
Recently i have updated to auth0 4.4 , I’m using the Universal Login Process
I have noticed with the newer versions, we no longer need the /auth/[…auth0]/route.ts
so now its just the /lib/auth0 file
i had a question if the user tries to login , they see the scope how the app will use their data, and click decline
the app crashes
“An error occurred during the authorization flow.”
Where do i handle this logic / would it be inside the /lib/auth0?
As mentioned in our documentation, you will need to set the prompt=consent parameter when calling the /authorize endpoint in order to be prompted again.
export default async function RootLayout({
children,
}: {
children: React.ReactNode;
}) {
const session = await auth0.getSession();
if (!session?.user) {
console.log("Not authenticated");
// Redirect to the login page if the user is not authenticated
redirect("/auth/login?prompt=consent");
}
is this usually enough to get the reprompt for the login if user clicks on decline while viewing the app’s scope requirements ?
i dont see any other examples with the current version.
Thanks for the help by the way.
export async function middleware(request: NextRequest) {
const { pathname, searchParams } = request.nextUrl;
// Intercept only the /auth/callback path
if (pathname === "/auth/callback") {
const error = searchParams.get("error");
/* case for if the user clicks on decline button
during the app's scope request
if access_denied, redirect to login
*/
if (error === "access_denied") {
// Redirect user to login again with prompt=consent
const redirectUrl = new URL("/auth/login", request.url);
redirectUrl.searchParams.set("prompt", "consent");
return NextResponse.redirect(redirectUrl);
}
}
// Proceed with Auth0 middleware if not intercepted
return await auth0.middleware(request);
}
Usually, the redirect to the login route if the user does not have a session
( redirect("/auth/login?prompt=consent"); ) should resolve the issue since you passed in the parameter. If that did not fix the issue, the code you have added appears to be a suitable workaround since it accomplishes the same thing.