dorinclisu / fastapi-auth0

FastAPI authentication and authorization using auth0.com
MIT License

Preparing for Rules and Hooks End of Life #34

Closed dorinclisu closed 1 year ago

dorinclisu commented 1 year ago

https://auth0.com/blog/preparing-for-rules-and-hooks-end-of-life/

In order to obtain the user email we are relying on auth0 rules which will be deprecated. https://github.com/dorinclisu/fastapi-auth0#email-field-requirements

This issue is for tracking progress on the required changes.

pybanaszak commented 1 year ago

Thanks for this plugin!

Here is the Action code (Login Flow) that could replace the Rule on Auth0:

exports.onExecutePostLogin = async (event, api) => {
  if (event.authentication) {
    const namespace = "https://github.com/dorinclisu/fastapi-auth0/";
    api.accessToken.setCustomClaim(namespace + "email", event.user.email);
  }
};

dorinclisu commented 1 year ago

Thanks, I've actually combined it with the email verification requirement:

exports.onExecutePostLogin = async (event, api) => {
  if (!event.user.email_verified) {
    api.access.deny('Please verify your email before logging in.');
  }
  else if (event.authorization) {
    api.accessToken.setCustomClaim('https://github.com/dorinclisu/fastapi-auth0/email', event.user.email);
  }
};

Seems like no changes are required in this repo.
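
A local check of the three branches of the combined Action, added here as an example (it is not code from this repository or from Auth0). The handler body is the one posted above; `makeApi`, `runAction` and `runAll` are hypothetical helpers that stand in for the Auth0 runtime, and the event objects are constructed sample data.

```javascript
// Local harness for the Post-Login Action from this thread (added example).
// makeApi/runAction/runAll are hypothetical helpers; events are constructed.
const CLAIM = 'https://github.com/dorinclisu/fastapi-auth0/email';

const onExecutePostLogin = async (event, api) => {
  if (!event.user.email_verified) {
    api.access.deny('Please verify your email before logging in.');
  }
  else if (event.authorization) {
    api.accessToken.setCustomClaim(CLAIM, event.user.email);
  }
};

// Stand-in for the two api methods the Action calls; it records their effects.
function makeApi() {
  const result = { denied: null, claims: {} };
  const api = {
    access: { deny: (reason) => { result.denied = reason; } },
    accessToken: { setCustomClaim: (name, value) => { result.claims[name] = value; } },
  };
  return { api, result };
}

async function runAction(event) {
  const { api, result } = makeApi();
  await onExecutePostLogin(event, api);
  return result;
}

// Constructed events, one per branch of the handler.
const cases = {
  verified: { user: { email: 'alice@example.com', email_verified: true }, authorization: { roles: [] } },
  unverified: { user: { email: 'bob@example.com', email_verified: false }, authorization: { roles: [] } },
  noAuthorization: { user: { email: 'carol@example.com', email_verified: true } },
};

async function runAll() {
  const out = {};
  for (const [name, event] of Object.entries(cases)) out[name] = await runAction(event);
  return out;
}

runAll().then((out) => console.log(JSON.stringify(out, null, 2)));
```

In the `noAuthorization` case the login is not denied but no email claim is set, so a consumer of the access token cannot assume the claim is always present.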