hi
I’ve managed to implement login, and i’ve come to add rules in order to whitelist specific email addresses, but i noticed that the whitelist is ignored on signup. So i wanted to only accept verified users through, but however i implement that rule seems to cause my app to give a ERR_TOO_MANY_REDIRECTS
from either / both my domain, but also my auth0 domain.
I’ve tried creating it as two rules, with the whitelist rule first or the verified email first,
i’ve tried combining it into one rule
function (user, context, callback) {
const whitelist = [ 'bigcoops@gmail.com', 'stockport.badders.results@gmail.com' ]; //authorized users
const userHasAccess = whitelist.some(
function (email) {
return email === user.email;
});
if (!user.email_verified || !userHasAccess) {
return callback(new UnauthorizedError('Access denied.'));
}
callback(null, user, context);
}
or:
function (user, context, callback) {
// Access should only be granted to verified users.
if (!user.email || !user.email_verified) {
return callback(new UnauthorizedError('Please verify your email before logging in.'));
}
const whitelist = [ 'bigcoops@gmail.com', 'stockport.badders.results@gmail.com' ]; //authorized users
const userHasAccess = whitelist.some(
function (email) {
return email === user.email;
});
if (!userHasAccess) {
return callback(new UnauthorizedError('Access denied.'));
}
callback(null, user, context);
}
but none of these have worked, and all result in the same symptom. removing the !user_email_verified part resolves the problem, but leaves me with the signup problem.
any suggestions?