If the user has their email not verified, instead of failing with a generic error message of "invalid JWT", print an error message asking user to verify their email and try again.
In Auth0 mode, if the JWT validation has failed on the backend at the moment of clicking "Login", get a new ID token from Auth0 on the next click. This way, the user will not have to reload the page after validating their email - they can simply click "Login" again to get in.
Part of siderolabs/omni#114.
After this change is rolled out, we need to configure our Auth0 app to allow username/password auth.
utkuozdemir
commented
2 months ago
If the user has their email not verified, instead of failing with a generic error message of "invalid JWT", print an error message asking user to verify their email and try again.
In Auth0 mode, if the JWT validation has failed on the backend at the moment of clicking "Login", get a new ID token from Auth0 on the next click. This way, the user will not have to reload the page after validating their email - they can simply click "Login" again to get in.
Part of siderolabs/omni#114.
After this change is rolled out, we need to configure our Auth0 app to allow username/password auth.
Demo: