How to block login in Auth0 until an account has been manually approved

2024. 10. 14. 23:54 | Server programming

1) Add a Login trigger (a Post-Login Action) like the one below so that login succeeds only when `approved` in the user's App Metadata is true. The Action runs on every login, so a user who is not yet approved can still sign up but cannot complete sign-in. It only runs at login, though: it cannot end a session that already exists, so an approval that is later revoked takes effect at the user's next login.

exports.onExecutePostLogin = async (event, api) => {
  // app_metadata can only be written through the Management API (unlike
  // user_metadata, the user cannot change it via the Authentication API),
  // so it is a safe place for the approval flag. Compare strictly with true
  // so that a stray string such as "false" is not treated as approved.
  const isApproved = !!event.user.app_metadata && event.user.app_metadata.approved === true;

  if (!isApproved) {
    // Rejects this login attempt; the application receives an access_denied
    // error whose description is this reason text.
    api.access.deny('Administrator approval is required.');
  }
};

https://auth0.com/docs/customize/actions/explore-triggers/signup-and-login-triggers/login-trigger

2) On the backend, create an API that sets `approved` to true in a specific user's App Metadata, and add a screen in the admin area where a reviewer checks the account and approves it. Two things to get right here: the Machine-to-Machine application whose credentials initialize the Management client must be granted the Management API scope `update:users_app_metadata` (or the broader `update:users`), and the approval endpoint must itself be restricted to administrators, otherwise any freshly signed-up user could approve their own account. Keep the client secret in configuration or the environment, not in source.

const { ManagementClient } = require('auth0');

// Initialize the Management client with the credentials of a Machine-to-Machine
// application authorized for the Auth0 Management API (scope:
// update:users_app_metadata). Load these from configuration in real code.
// This is the node-auth0 v3 API; in v4 the equivalent call is
// management.users.update({ id: userId }, { app_metadata: metadata }).
const management = new ManagementClient({
  domain: '{YOUR_DOMAIN}',
  clientId: '{YOUR_CLIENT_ID}',
  clientSecret: '{YOUR_CLIENT_SECRET}',
});

// Update the user's app_metadata. The Management API merges the top-level
// keys you send into the existing app_metadata, so other keys are preserved.
const updateUserMetadata = async (userId, metadata) => {
  try {
    const updatedUser = await management.updateAppMetadata({ id: userId }, metadata);
    console.log('User updated:', updatedUser);
    return updatedUser;
  } catch (err) {
    console.error('Error updating user:', err);
    throw err; // let the approval endpoint report the failure instead of a false success
  }
};

// Example usage: call this from the admin approval endpoint, after the caller
// has been verified as an administrator.
const userId = 'auth0|user_id';  // Auth0 User ID of the account being approved
const metadata = { approved: true };  // Metadata to set

updateUserMetadata(userId, metadata);
The same in Python with the auth0-python SDK (3.x import paths; in 4.x the modules are `auth0.authentication` and `auth0.management`):

from auth0.v3.authentication import GetToken
from auth0.v3.management import Auth0

# Credentials of the Machine-to-Machine application (same scope requirement
# as above: update:users_app_metadata). Load from the environment in real code.
domain = '{YOUR_DOMAIN}'
client_id = '{YOUR_CLIENT_ID}'
client_secret = '{YOUR_CLIENT_SECRET}'
audience = f'https://{domain}/api/v2/'

# Exchange the client credentials for a Management API access token
get_token = GetToken(domain)
token = get_token.client_credentials(client_id, client_secret, audience)['access_token']

auth0 = Auth0(domain, token)

# Update the user's app_metadata. The Users client has no dedicated
# app_metadata method; PATCH the user with an app_metadata body instead.
# Top-level keys are merged into the existing app_metadata.
def update_user_metadata(user_id, metadata):
    try:
        updated_user = auth0.users.update(user_id, {'app_metadata': metadata})
        print('User updated:', updated_user)
        return updated_user
    except Exception as e:
        print('Error updating user:', e)
        raise

# Example usage
user_id = 'auth0|user_id'  # Auth0 User ID of the account being approved
metadata = {'approved': True}  # Metadata to set

update_user_metadata(user_id, metadata)