Auth0 Home Blog Docs

User.login_count undefined



I am trying to extend the rule “Check last password reset”. Here is the code I have written:

function (user, context, callback) {

  function daydiff (first, second) {
    return (second-first)/(1000*60*60*24);

  var last_password_change = user.last_password_reset || user.created_at;
  var login_count = user.login_count;
  console.log("login_count = %s", login_count);
  console.log("last_password_change = %s", last_password_change);
  if (login_count === 1) {
    //First login - ask password to be reset.
    return callback(new UnauthorizedError('please change your password'));
  else if (daydiff(new Date(last_password_change), new Date()) > 30) {
    return callback(new UnauthorizedError('please change your password'));

  callback(null, user, context);

When I try this rule, I get the following output:

login_count = undefined
last_password_change = undefined
The profile is: 

I checked the Raw JSON for the user on which I am testing. The user has a valid login count and valid last password reset. Can you please help?


Hi @keshavan,

For login_count, can you please try the following:

var login_count = context.stats.loginsCount;

Can you describe what type of connection you are using, e.g. Auth0 db connection, or a custom db connection?


I am using an Auth0 db connection.


I am using an Auth0 db connection.


Can you do a console.log print for the entire user object to see what attributes are available in the script.


I cant copy paste the entire structure. It exceeds the character limits. The keys in the user structure:
_id, email, username, email_verified, password_history, user_id, clientID, picture, nickname, identities, updated_at, created_at, user_metadata, last_password_reset, name, multifactor, global_client_id, app_metadata, user_meta, persistent.


Please try printing the user.last_password_reset property to see whether this is defined.


Yes. It is defined.