Auth Hooks: Welcome email sent twice (onAfterSignup + onAfterEmailVerified)
Hey!
I need your help about how to handle the Auth Hooks.
I’m trying to send a welcome email once a user has successfully created and verified their account. I support both Email and Google authentication.
At first, I thought I’d need to use both onAfterEmailVerified (for the Email workflow) and onAfterSignup with a check like
if (oauth && user.email) (for the Google workflow). But it seems that both hooks are firing, and the email ends up being sent twice.
I’m sharing my logs below — thanks in advance for your help!
[ Server ] [20:34:12.176] INFO (10789): Starting
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterSignup"
[ Server ] [20:34:12.196] INFO (10789): Finished
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterSignup"
[ Server ] [20:34:55.169] INFO (10789): Starting
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterEmailVerified"
[ Server ] [20:34:55.283] INFO (10789): Starting
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterEmailVerified"
[ Server ] [20:34:56.198] INFO (10789): Finished
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterEmailVerified"
[ Server ] [20:34:56.200] INFO (10789): request completed
[ Server ] req: {
[ Server ] "method": "POST",
[ Server ] "url": "/auth/email/verify-email",
[ Server ] "requestId": "f4a23756-77ad-4a42-a838-792b42079656"
[ Server ] }
[ Server ] res: {
[ Server ] "statusCode": 200
[ Server ] }
[ Server ] responseTime: 1111
[ Server ] [20:34:56.300] INFO (10789): Finished
[ Server ] user: "a71d655a-ee8e-43ac-b371-06348adda235"
[ Server ] operation: "onAfterEmailVerified"9 Replies
Hi @Ramon. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
I can see from your logs that you're experiencing two issues:
1.
onAfterEmailVerified is firing twice - This appears to be related to React 18's StrictMode in development, which renders components twice. According to a GitHub issue about social login callbacks, this causes auth-related requests to be sent twice in development mode. The issue mentions that "each component is rendered twice in development. This means, our social auth callback page is rendered twice -> which sends the auth token twice to the backend."
2. Both onAfterSignup and onAfterEmailVerified are firing for email authentication - This is actually expected behavior for the email authentication flow. When a user signs up with email, onAfterSignup fires first when the account is created, and then onAfterEmailVerified fires after they verify their email.
Solution
For your use case of sending a welcome email only once after successful account creation and verification, here's what I recommend:
For Email Authentication: Only use the onAfterEmailVerified hook to send the welcome email. This ensures the email is sent only after the user has verified their email address.
For Google Authentication: Use the onAfterSignup hook with a check to determine if it's a Google login. You can use the findUserIdentity helper to check the auth provider:
This way, email users get the welcome email after verification (via onAfterEmailVerified), and Google users get it immediately after signup (via onAfterSignup), since Google authentication doesn't require email verification.
Regarding the duplicate onAfterEmailVerified calls in your logs - if you're running in development mode, this is likely due to React 18's StrictMode and should not occur in production builds.
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------
Sorry @Ramon, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist:
Perhaps try again in 15mins?Hi @Wasp Team! Could you please support me with this? I’d really appreciate your help
Hi @Wasp Team, I added some extra logs and it looks like the onAfterEmailVerified hook is being triggered twice. Could you take a look and see if this might be an issue on your side?
Thank you @Ramon for the debug info! We'll look into it 🙂
Are you seeing the double logs for both Google and email auth provider? Are you using
<VerifyEmailForm /> Wasp's component?Yes, I’m using it! The problem only appears when using the Email auth provider — Google works fine since it doesn’t require the email verification flow.
import { VerifyEmailForm } from 'wasp/client/auth';
<AuthWrapper>
<VerifyEmailForm />
</AuthWrapper>Hey @Ramon sorry for waiting so long. So, what's going on is that this is a development only behaviour of React where it renders each component twice to check if components are doing their cleanup correctly.
Our
VerifyEmailForm component triggers the verification backend endpoint as soon as it's mounted. Since React in development mounts it twice, the request is sent twice (check the screenshot).
Important thing here is that this won't happen in production. So this is more of a development-only annoyance that you get two welcome emails.
I'll create an issue for us to workaround this to make the behaviour more correct (we had to do a similar workaround for an OAuth component which couldn't trigger the backend twice).
Created an issue for this https://github.com/wasp-lang/wasp/issues/3407
Thank you so much!