florianheinemann / passwordless

node.js/express module to authenticate users without password
MIT License
1.95k stars 129 forks

Is there a success callback after a token is accepted? #89

Open simevidas opened 8 years ago

simevidas commented 8 years ago

Note: See my comment below.


I’m switching from Mozilla Persona to Passwordless. Persona provided a callback after it verified a visitor’s email; in this callback, I would store the visitor’s information in the req.session object, which persists across page views and sessions (I think it works via a persistent session cookie, but I’m not sure).

Basically:

  1. Persona confirms a visitor’s email and sets it to req.session.email automatically
  2. Persona invokes my callback function
  3. Inside the callback, I retrieve the visitor’s data from my “users” database based on that email, and store it inside the req.session object (req.session.active = true, etc.)
  4. From now on, throughout my app, I can perform checks like if (req.session.active) { /* active subscriber */ }

If Passwordless provided a success handler after a token is accepted, I could use it to write to req.session like I did with Persona. I hope this is possible somehow.

I guess, I could do:

app.use(function (req, res, next) {
    if (req.user && !req.session.email) {
        // token was accepted but the corresponding req.session fields
        // don’t exist yet; create them now
        // (then pass control on, otherwise the request never completes)
        next();
    } else {
        next();
    }
});

but that runs during every request, so doing it once inside an acceptToken handler would be preferred 😅.

simevidas commented 8 years ago

Ok, I’ve looked in the “sessions” database. Passwordless adds a field. It looks like req.user === req.session.passwordless. Good to know!

Sorry about the confusion; I wasn’t sure how req.user relates to the session, but I think it’s more clear to me now.

It would still be great to have a one-time handler to add extra fields to the session, though.
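
The per-request check from the first comment can be reduced to one database lookup per login, shown here as an added example that is not code from this thread or from the Passwordless project. It goes slightly beyond the question by also clearing the cached fields once req.user is gone and reloading them when a different user appears on the same session. Assumptions: req.user is the email address set after a token is accepted; lookupUser and the USERS data are hypothetical and constructed.

```javascript
// Fields this middleware caches on the session (names taken from the thread).
const CACHED_FIELDS = ['email', 'active'];

// Constructed sample data standing in for the "users" database.
const USERS = {
  'alice@example.test': { active: true },
  'bob@example.test': { active: false },
};

// Hypothetical lookup with a Node-style callback; replace with a real query.
function lookupUser(uid, cb) {
  cb(null, USERS[uid] || null);
}

// Returns Express-style middleware that fills req.session once per login.
function hydrateSessionOnce(lookup) {
  return function (req, res, next) {
    const session = req.session;
    if (!req.user) {
      // Not authenticated (never logged in, or logged out): drop cached
      // fields so a stale `active` flag cannot outlive the login.
      CACHED_FIELDS.forEach((field) => { delete session[field]; });
      return next();
    }
    if (session.email === req.user) {
      return next(); // already hydrated for this user, no database hit
    }
    // First request after the token was accepted, or a different user on
    // the same session: reload from the store, never from client input.
    lookup(req.user, function (err, record) {
      if (err) return next(err);
      session.email = req.user;
      session.active = Boolean(record && record.active); // unknown uid => false
      next();
    });
  };
}
```

Mount it after the Passwordless middleware that sets req.user, for example `app.use(hydrateSessionOnce(lookupUser))` placed after acceptToken.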

netpedro-com commented 7 years ago

In my case, I need a success handler that passes the origin URL.

netpedro-com commented 7 years ago

Duplicate of #67