Using social sign-in - how to check if a user is authorized?

Say I have social sign-in using Microsoft provider.

Say I have an "authorized" table containing whitelisted emails that are allowed to sign in to my application.

How can I do the following in Better Auth?
  1. Upon sign in, check if the user's email from Microsoft exists in the "authorized" table. If it exists, continue with user creation, otherwise abort.
  2. Upon session creation, check if the user's email still exists in the "authorized" table. If it exists, continue with session creation, otherwise abort.
  3. Upon session update, check if the user's email still exists in the "authorized" table. If it exists, continue with session update, otherwise revoke the session/log the user out.
  4. Are there any other hooks/lifecycle events I need to worry about? Account update? Verification update?

Basically, I am trying to always ensure that the user is in the "authorized" table. I know we have databaseHooks, but is this the right way? I would need to have code in three separate hooks (before user create, before session create, after session update), which seems unorganized. Any way I can do this in one area? Also, some of these hooks don't allow me to access the "email" property.

Just need to check if the user's email exists in the "authorized" table when they sign in. If it doesn't exist, show an error/prevent sign in.
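One way to keep the allowlist rule in a single function and reuse it from the three hook points named in the post, resolving the email from the session's user ID where the hook payload has no email. This is an added example, not part of the original post and not Better Auth's own code: the `hooks` object, the `revoke` callback, the in-memory stores and the use of a thrown error to abort are all assumptions made for illustration.

```javascript
// Constructed sample data standing in for the "authorized" table and the user table.
// Assumption: the authorized table stores emails in lowercase.
const authorizedEmails = new Set(["alice@example.com"]);
const usersById = new Map([["u1", { id: "u1", email: "Alice@Example.com" }]]);

class NotAuthorizedError extends Error {}

// The single place where the allowlist rule lives. Fails closed on a missing email.
function assertAuthorized(email) {
  const normalized = typeof email === "string" ? email.trim().toLowerCase() : "";
  if (!normalized || !authorizedEmails.has(normalized)) {
    throw new NotAuthorizedError("email is not in the authorized table");
  }
  return normalized;
}

// Session payloads carry a user ID rather than an email, so resolve it first.
// An unknown user is treated as unauthorized.
function emailForSession(session) {
  const user = usersById.get(session.userId);
  if (!user) throw new NotAuthorizedError("session refers to an unknown user");
  return user.email;
}

// Hypothetical hook table mirroring the three hooks listed in the post.
const hooks = {
  user: {
    create: { before: (user) => { assertAuthorized(user.email); return user; } },
  },
  session: {
    create: {
      before: (session) => { assertAuthorized(emailForSession(session)); return session; },
    },
    update: {
      // After an update the change is already stored, so revoke instead of aborting.
      after: (session, revoke) => {
        try {
          assertAuthorized(emailForSession(session));
          return true;
        } catch (err) {
          if (!(err instanceof NotAuthorizedError)) throw err;
          revoke(session.id);
          return false;
        }
      },
    },
  },
};
```

In a real application the two lookups would be asynchronous database queries, and the session check has to run on every request that trusts the session if removal from the table is meant to take effect immediately.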