Hello.
In my application the ideal authentication flow is as follows:
-
The user signs up and is redirected to this verification page
-
After the user clicks the verification ticket in his/hers mail client, the user is redirected to the index page of my application
However, lets imagine a scenario where the user creates an account and enters a wrong email.
- The user enters wrong mail on signup
- The user is redirected to the verification page on my webserver
- If the user tries to go to /login again the user is still redirected to the /verification page and cant create a new user.
- If the user tries to logout and login again the verification page is still shown.
What do I have to do to overcome this?
I have set up this rule in auth0
function (user, context, callback) {
if (!user.email_verified && typeof user.email_verified !== "undefined") {
context.redirect = {
url: "http://localhost:3000/verification?email=" + user.email
};
}
return callback(null, user, context);
}