Open shiftlabs1 opened 8 months ago
@shiftlabs1 when magic link login flow is used. An email is shoot to user with following link
https://YOUR_AUTHORIZER_INSTANCE_URL/verify_email?token=verification_token&redirect_uri=REDIRECT_URI
You can set the redirect URL by either passing it to the magic_link login param or by setting the APP_URL
param. If none of the above is present, it will redirect to authorizer universal login page (/app route of authorizer).
thanks @lakhansamani . None of this in the docs .Would need adding .
True, I will add it soon 👍
@lakhansamani I am back at this . The redirect URl i get only has querystring parameter "roles" and nothing more. How do i get the user's auth data as expected to redirect them as logged in users
I got this for e.g
https://autherizer.app/verify_email?token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIzYWMzYjhiYy0wOTdkLTRhODctOGRhYi0xYzg2NzE2MGI3MDAiLCJleHAiOjE3MDE4NjYwNjQsImlhdCI6MTcwMTg2NDI2NCwiaXNzIjoiaHR0cHM6Ly9hdXRob3JpemVyLXByb2R1Y3Rpb24tZjUwYS51cC5yYWlsd2F5LmFwcCIsIm5vbmNlIjoiK0xkZXZjWkZxUld1QzBHQ0kzRFk3c1pId3pnTWRkc2VTTDhCRTB3ZDNyYVhqZkJRIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwL2F1dGgvbWFnaWMtbGluay8_cm9sZXM9dXNlcixlbXBsb3llZSxlbXBsb3llci1hZG1pbixlbXBsb3llci11c2VyXHUwMDI2c3RhdGU9Iiwic3ViIjoiam9zaHVhQHN0b2t2ZXN0LmNvbSIsInRva2VuX3R5cGUiOiJtYWdpY19saW5rX2xvZ2luIn0.t9hMxKMYSwk-d4lhTcBZEXFkpg4XyJaY_WPD9XSXkWPBgZiTrhc-8HrdVw1CgRYFjS8HaXlnNdau4McJus9jtNNWzxeO_B9h3MWcybEVAqN3pKP5aopkJowLpsMoa0tfEFCY2wATXyh6P4JtNfizFhYxdxLdFbVqEdWMDPcMDPrdb6PAB7hMK5bM_-YM4EpQLlbJOps2DOAxUjiLidFfSi0VAAufVUjl1_YKlR-D1-WDeGasY6P2oDIz-hATolXXqVKfi3QF1ofWDIhLYHicz2AZcUVs4r2h5glxeIb-HIBXMHM5Ju2SwDCz-C2adLVGhUG3rWLELWkgLEG22faAnA&redirect_uri=http://localhost:3000/auth/magic-link/?roles=user,employee,employer-admin,employer-user&state=
Looking at the code
// GetEmailVerificationURL to get url for invite email verification
func GetEmailVerificationURL(token, hostname, redirectURI string) string {
return hostname + "/verify_email?token=" + token + "&redirect_uri=" + redirectURI
}
redirect Url should also get the token passed as query string to enable a call to getprofile (i am assuming the token is access token) for e.g to pull the current user's credential and also mark them as logged in
@lakhansamani please take a look at this and let me know how to proceed.
@shiftlabs1 I am quite not getting the flow here,
Can you write down the flow once and reproducible steps
Thanks
The current flow is
await authClient.magicLinkLogin({ email: formData.email, redirect_uri: MAGIC_LINK_CALLBACK_URL })
gets called Ideal should be from 4 above
right now the redirectUrl being behind an auth wall just send the user back to the login screen .
@lakhansamani , I should be able to do this from the redirect URL
Thank you for sharing the reproducible steps, I will look into this
@lakhansamani ,I am trying to make sense of the magic link flow. When a user clicks on the link in their email , what happens next ? what authorizer function do we call on our application to verify the incoming link ? Does it have a token attached? are we supposed to call verifyEmail and pass a token parameters from the URl like we do in the SIgn up Flow ? There is no where in the documentation (or any of the youtube videos) explaining this bit