Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User creation workflow #1759

Open
5 tasks done
jpb06 opened this issue Jun 26, 2024 · 2 comments
Open
5 tasks done

User creation workflow #1759

jpb06 opened this issue Jun 26, 2024 · 2 comments

Comments

@jpb06
Copy link

jpb06 commented Jun 26, 2024
edited
Loading

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

Hello!

Thank you for maintaining this lib! My team is using it since a while and it works just great.

We recently had a need for a custom signup flow, and we struggled to do what we wanted, ie:

  • Create an auth0 user from an email/password.
  • Perform a login on behalf of the user server-side (we don't want to prompt him for consent nor make him enter a second time his credentials).
  • Redirect him to a nextjs page that requires a session per nextjs-auth0.

Auth0 support advised us to use auth0 node library to create the user and then call /oauth/token to retrieve an id_token and an access_token. After some back and forth with support, we were finally able to implement something that works.

You can find a POC here:
https://github.com/jpb06/auth0-silent-login

Now, the issue is we had to extract logic from nextjs-auth0 (the content of this folder, basically) to perform the following tasks:

  • Shape/populate the session cookie payload
  • Encrypt that payload
  • Set the session cookie

From what I could gather, these responsibilities are spread out in internal code that is not exposed by the lib (StatelessSession class, TransientStore class, to name a few).

Redefining that logic in our own codebases is sub-optimal, as creating a session falls within the responsibilities of nextjs-auth0 in our opinion. If implementation details change on this lib, we would be exposed to regressions.

Describe the ideal solution

  • Would that make sense to have this lib expose helpers to create a session manually?
  • Is there something auth0 support and our team missed to answer this workflow?

Thank you for your time 🙇🏻

Alternatives and current workarounds

Partially related: #1207

Additional context

No response
@andresmarpz
Copy link

Related to #1751, which basically implies the need for an easier silent login workflow, which is highly necessary! Open to help if needed but big 👍🏼 to this issue.

@richardmon
Copy link

This appears to be a reasonable request. Requiring a newly created user to log in is detrimental to user experience. Hope this gets solved 👍 .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@richardmon @jpb06 @andresmarpz