Signup and login flow when email verified is required for logging in


In my application the ideal authentication flow is as follows:

  1. The user signs up and is redirected to this verification page

  2. After the user clicks the verification ticket in his/hers mail client, the user is redirected to the index page of my application

However, lets imagine a scenario where the user creates an account and enters a wrong email.

  1. The user enters wrong mail on signup
  2. The user is redirected to the verification page on my webserver
  3. If the user tries to go to /login again the user is still redirected to the /verification page and cant create a new user.
  4. If the user tries to logout and login again the verification page is still shown.

What do I have to do to overcome this?

I have set up this rule in auth0

function (user, context, callback) {
  if (!user.email_verified && typeof user.email_verified !== "undefined") {
    context.redirect = {
    	url: "http://localhost:3000/verification?email=" +
   return callback(null, user, context);