Do I need to redirect users from a custom rule when a login rule throws an UnauthorizedError? The example I have seen, Auth0 Rules, does not do a redirect back to the login page. My rule returns me back to original starting point; I was thinking it should go back to the login page displaying the error message. I am thinking I am missing configuration value but not able to determine what it is.
Here is code snippet
var authorized = _.includes(user.groups, auth0GroupName);
if (!authorized) {
return callback(new UnauthorizedError('User not authorized for ’ + applicationName));
}
else
{
callback(null, user, context);
}
Take a look at the Lock flashMessage examples which can handle displaying error messages within the Lock widget itself:
Thanks for responding. I am in a rule when I raise the error. Will this affect the other rules? I am trying to understand how to get the login workflow to respond to the rule raised error. So I should have a conditional on the login page then?
So I added to the login page after log.Show() the examples shown for ‘authorization_error’ (plus ‘UnauthorizedError’) and “authenticated”. I am thinking that the user has been authenticated (username and password) but is failing in our authorization rule (authorized). I thought the workflow would be to go back to the login screen on an unauthorized error. Do I need to add in a hook to do this?
I should add that this is SAML based response.
I am not able to save the rule since Auth0Lock is not defined. Not sure we want to jump thru the hoops of adding the reference via node.js since we are not in an HTML page.
Are the rules ran server side or client side?
We have abandoned this. So this is no longer an issue.