Strange issue with password reset link redirecting to the redirect_url straight away

Hi,

We are the using the “Post User Registration” flow to send the password reset email once the user has registered.

exports.onExecutePostUserRegistration = async (event, api) => {
  if (event.user.email !== undefined) {
    const auth0 = require('auth0');
    const authClient = new auth0.AuthenticationClient({
      domain: event.secrets.DOMAIN,
      clientId: event.secrets.CLIENTID
    });

    // Slack notification
    const initSlackNotify = require('slack-notify')
    const slack = initSlackNotify(event.secrets.SLACK_WEBHOOK_URL)

    const userAndConnection = {
      email: event.user.email,
      connection: 'Username-Password-Authentication'
    };

    // Send password change email
    await authClient.requestChangePasswordEmail(userAndConnection, (err) => {
      if (err) {
        slack.alert(`Error while sending new user email to ${event.user.email}`)
      }
    });

    slack.success({
       text: `New User \n email: ${event.user.email} \n name: ${event.user.given_name} ${event.user.family_name}`
    })
  }
};

We are having a strange issue with external users, the link that gets sent to them will redirect them directly to the redirect_to url set in the email template without them seeing the change password screen.

They will attempt to use the reset password button on the login page but that results in the same behavior.

We have not been able to reproduce this locally but almost every external user that has signed up in the last couple of days has had this issue.

I’m not seeing any errors or different user objects or requests or anything so I’m not sure where else to look.

Hi @Raoul,

Welcome to the Auth0 Community!

What do you mean by external users? Are your logs showing a successful password reset? Any way for you to get a screen grab of this happening, or some evidence to try and reproduce?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.