Hi @dan.woda, @lihua.zhang, @rueben.tiow
I have a situation here and I am not able to get a solution even after going through a lot of blogs within the community forum. I hope this has been discussed a lot of times, but still without a proper solution.
Scenario:
- User is added directly from our web app using the Database Connections route.
- We have disabled signups in our auth0.
- Now if a user tries to continue with a social connection (salesforce, google), our script should check if the email already exists in the auth0 database; if it exists we should allow login, and if not we should deny and throw an error saying contact admin and user does not exist.
Now I have tried to add a script in both the preUserRegistration as well as postLogin, but still when the user is not already present, a new user is getting created when they try to continue with a social connection (google, salesforce).
onExecutePreUserRegistration:

```javascript
const ManagementAPI = require('auth0').ManagementClient;

// Configure the Management API
const managementAPI = new ManagementAPI({
  domain: '[replace with domain]',
  clientId: '[replace with clientId]',
  clientSecret: '[replace with clientSecret]',
});

exports.onExecutePreUserRegistration = async (event, api) => {
  try {
    // Extract user email from the event
    const email = event.user.email;
    console.log(email);
    // Check if user already exists
    const userExists = await managementAPI.getUsersByEmail(event.user.email);
    // If user already exists, allow login and continue with social connection
    if (userExists.length === 0) {
      api.access.deny('User does not exist. Please contact your administrator for account creation.');
    }
  } catch (error) {
    api.access.deny('Unexpected error occurred. Please try again later.');
  }
};
```
onExecutePostLogin:

```javascript
const ManagementAPI = require('auth0').ManagementClient;

// Configure the Management API
const managementAPI = new ManagementAPI({
  domain: '[replace with domain]',
  clientId: '[replace with clientId]',
  clientSecret: '[replace with clientSecret]',
});

exports.onExecutePostLogin = async (event, api) => {
  try {
    // Extract user email from the event
    const email = event.user.email;
    console.log(email);
    // Check if user already exists
    const userExists = await managementAPI.getUsersByEmail(event.user.email);
    // If user already exists, allow login and continue with social connection
    if (userExists.length === 0) {
      api.access.deny('User does not exist. Please contact your administrator for account creation.');
    }
  } catch (error) {
    api.access.deny('Unexpected error occurred. Please try again later.');
  }
};
```
I have included the above library in the respective flows. Could someone please point out the configuration or the mistake which I am making here, so that I can prevent the users from login/signup if the user does not exist already.
Thanks!
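
The following is an added example, not part of the original post and not Auth0's own code: a post-login gate that allows a social login only when a database-connection identity already exists for the same verified email. The `lookup` parameter, the `simulate` helper and the sample directory are assumptions made so the logic runs offline.

```javascript
// Added example, not from the original post. `lookup` is a hypothetical injected
// async function returning the profile array of a users-by-email search.
const NO_ACCOUNT = 'User does not exist. Please contact your administrator for account creation.';
const LOOKUP_FAILED = 'Unexpected error occurred. Please try again later.';

// True only if some profile with this email has a database identity (provider
// "auth0"). A social-only profile, including the one stored for the login in
// progress, does not count, so a bare length check on the result can pass.
function hasDatabaseAccount(profiles) {
  return profiles.some((p) => (p.identities || []).some((i) => i.provider === 'auth0'));
}

function makePostLoginHandler(lookup) {
  return async function onExecutePostLogin(event, api) {
    // Database logins are already limited by the disabled signup setting.
    if (event.connection.strategy === 'auth0') return;
    const { email, email_verified: verified } = event.user;
    // An unverified address from the provider proves nothing about ownership.
    if (!email || !verified) return api.access.deny(NO_ACCOUNT);
    try {
      if (!hasDatabaseAccount(await lookup(email))) api.access.deny(NO_ACCOUNT);
    } catch (err) {
      api.access.deny(LOOKUP_FAILED); // fail closed when the lookup errors
    }
  };
}

// Constructed sample directory: one database user, one social-only profile.
const SAMPLE_DIRECTORY = [
  { user_id: 'auth0|111', email: 'alice@example.com', identities: [{ provider: 'auth0' }] },
  { user_id: 'google-oauth2|222', email: 'bob@example.com', identities: [{ provider: 'google-oauth2' }] },
];
const sampleLookup = async (email) => SAMPLE_DIRECTORY.filter((u) => u.email === email);

// Runs the handler with a stub `api`; resolves to the deny reason, or null if allowed.
async function simulate(event, lookup = sampleLookup) {
  let denied = null;
  const api = { access: { deny: (reason) => { denied = reason; } } };
  await makePostLoginHandler(lookup)(event, api);
  return denied;
}

// In the Action itself (wiring assumed, using the post's Management API client):
// exports.onExecutePostLogin = makePostLoginHandler((e) => managementAPI.getUsersByEmail(e));
```

The Pre User Registration trigger runs only for database and passwordless connections, so the social case has to be decided in post-login. Denying there blocks the session but leaves the stored social profile in place.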