Improve options to get user's email address after sign up / authentication #1013
Comments
If this has no security risk, I don't think it should. I would really appreciate this addition. I would like to just send the Hanko token to my backend endpoints and instantly decode the user email inside the token without doing any further calls to Hanko servers. Or do what I plan to do now and have to store the user email in local storage after sign up happens. Then send the user email with every single request alongside the token. Then if at any point the Hanko token is expired, in the front end I clear the local storage, then tell users to auth again to get both the token and user email into local storage. If I could just send the token in
Having the user's primary email in the JWT would be very useful for backend user validation. Having to make a secondary, synchronous request to convert the Getting a user's verified email seems like a popular enough use case to justify the added JWT payload weight. Perhaps this could be enabled via an admin configuration option to populate the JWT with an email field?
You should use the UUID of the user in the JWT's sub field to determine if you already know the user. The primary email address can be changed.
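The point made in the comment above (key the account on the JWT's sub, not on the email), as an added example that is not part of the original thread or of Hanko's code. It assumes the claims were already taken from a JWT whose signature and expiry have been verified; the email claim is the hypothetical one this issue requests, and the function names, the in-memory Map store and the UUIDs are constructed for illustration.

```javascript
// Added example. `claims` is assumed to be the payload of an already
// verified JWT. `sub` is the user's UUID; `email` is a hypothetical claim.

// Fragile: treats the mutable email address as the account key.
function resolveByEmail(accounts, claims) {
  const key = claims.email.toLowerCase();
  if (!accounts.has(key)) accounts.set(key, { owner: claims.sub, data: [] });
  return accounts.get(key);
}

// Robust: keys the account on `sub`; email is only a refreshable attribute.
function resolveBySub(accounts, claims) {
  let account = accounts.get(claims.sub);
  if (!account) {
    account = { owner: claims.sub, email: null, data: [] };
    accounts.set(claims.sub, account);
  }
  if (claims.email && claims.email !== account.email) {
    account.email = claims.email; // follow primary-email changes
  }
  return account;
}

// Constructed scenario: user A changes their primary email, then a
// different user B signs up with the address A gave up.
function runScenario(resolve) {
  const accounts = new Map();
  const A = '00000000-0000-4000-8000-00000000000a'; // constructed UUIDs
  const B = '00000000-0000-4000-8000-00000000000b';
  const first = resolve(accounts, { sub: A, email: 'alice@example.com' });
  first.data.push('A-private-note');
  const afterChange = resolve(accounts, { sub: A, email: 'alice@new.example' });
  const other = resolve(accounts, { sub: B, email: 'alice@example.com' });
  return {
    aKeepsAccount: afterChange === first,               // A still sees their data
    bSeesAData: other.data.includes('A-private-note'),  // B lands in A's account
    accountCount: accounts.size,
  };
}

console.log('keyed on email:', runScenario(resolveByEmail));
console.log('keyed on sub:  ', runScenario(resolveBySub));
```

Keyed on email, A loses their account after the address change and B inherits it; keyed on sub, both users resolve to their own records.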
A good solution would be to include the user object in
Checklist
Description
Currently, the only way to get a (new) user's email is through user.getCurrent provided by the frontend-sdk. It seems that this is not immediately clear when using Hanko.
When building an integration with Hanko, the email address is basically always required to do the check if a user is new and needs to be created in the app, or if it's an existing user.
Let's think about improving this situation by maybe including the (primary) email address in relevant events such as onAuthFlowCompleted or even add the email claim to the JWT (seems like this is the most desired approach).
Describe your ideal solution
No response
Workarounds or alternatives
No response
Hanko Version
0.8.3
Additional Context
No response