Prior user in auth0 remembered during reset password flow?

binod.pant · October 11, 2023, 7:46pm

I am still early. on my research here but I am a bit confounded by this finding:

Setup:

auth0-react
our GetUser script is implemented to always just return null, null for both error and user profile
univ login with classic universal, custom login page with lock.js.

case 1 (user never existed in auth0): Reset password from ui page. I get two emails. one asks to verify email, another is reset pwd. Expected?

Case 2 (user used to be in auth0 but manually deleted from auth0): reset password now sends no email, and we see log error ‘User not found’. This is probably because our GetUser script is implemented to always just return null, null for both error and user profile

So when exactly does the GetUser script come into play? Does it only get called if auth0 user does not exist? If so how come the two cases above behave differently? Since user has been deleted in case 2 as well

dan.woda · October 17, 2023, 8:25pm

Hi @binod.pant,

Welcome to the Auth0 Community!

Thanks for the question. First, I would suggest setting up the Real-time Webtask Logs Extension. This will let you monitor console.logs from your scripts, and will show you when certain scripts are firing.

What UI page are you referencing here? It sounds like a user is being created (verify email) and sent a password reset (pw reset email).

If you are still having trouble, it would be helpful to see your custom DB scripts (exclude any sensitive info).

system · November 8, 2023, 4:10pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.