adamchel
commented
5 years ago Hi @UnclePetros , thanks for filing this issue!
What you are describing is actually the expected behavior. If a new token provides custom metadata fields that already exist for that user, the existing values will currently take precedence.
If there are new fields that don't have existing counterparts, they will be added to the user, but fields can only be set once. If you need to dynamically modify and update custom user metadata, I recommend the following:
- Add a suggestion in Canny, which is where track feature requests from users.
- As a workaround for now, you can maintain a collection of users in your application, and maintain dynamic user data there. You can use Stitch's rules to restrict read and write access in such a way that a user can only edit (or read) their own user document. You could also use the MongoDB Node.js driver to directly access the database from your server.
Please let us know if this resolves your issue or if you have any questions. And feel free to open another issue if you run into any other problems.
UnclePetros
tkaye407
Hello, I'm using stitch cient SDK with the custom authentication to login in my webApp. I generate a custom web token on the server (with node.js and jsonwebtoken package), pass it to the client and connect with the stitch loginWithCredential() methods.
I also pass some metadata fields in my custom token.
It works fine on the first login, and metadata fields are updated correctly in my session data.
Unfortunately this does not work after a logout and login operation. It mantains always the old metadata in the session.
I've noticed if I manually remove the related custom user created from the Stitch administration page (Users section), it works again.
Any ideas?
Thanks.
Regards Pietro