Is it possible to check oauth email before creating an account?
In my app users must be invited in order to create an account. On the invite page, they have an option to create an account with email otp or with google oauth. When users use oauth, I want to be able to check that the email of the oauth account matches the invitation. Is there any way to get this email address using hooks?
6 Replies
Most likely with a hook/middleware
i'm not seeing it anywhere on the context
for example in next-auth, we had access to the
profile inside the signin callback https://next-auth.js.org/configuration/callbacks#sign-in-callbackCallbacks | NextAuth.js
Callbacks are asynchronous functions you can use to control what happens when an action is performed.
Maybe the approach here is to disable signup completely and create the account for the user using the org/admin plugin?
would love to know if anyone from the team has thoughts here! currently my workaround is to allow the user to create the account, then check if they have perms before allowing them into the application
you can hook in to account table https://www.better-auth.com/docs/concepts/hooks
Hooks | Better Auth
Better Auth Hooks let you customize BetterAuth's behavior
thanks @KiNFiSH - i think this should work, the only issue i'm seeing is i need to pass a token from the page where the user clicks the oauth sign in button to the calback that triggers user/account creation. it seems like i'll have to use a cookie as the params i'm sending aren't forwarded back to that endpoint