Advanced Customization for Login Form

Configuration Reference

Here's an example of a complete configuration:

var config = {
  // Required Basic Configuration
  ApiKeyID: "<your-API-KEY-ID>",
  Type: "PHONE",
  ContainerID: "cotter-container-login",
  RedirectURL: "https://yourwebsite.com/account/create",
  IdentifierField: "phone",
  OnSuccess: payload => {
    window.localStorage.setItem("session", payload.session);
    window.location.href = "/dashboard";
  }
  OnBegin: async payload => {      
    var userID = await this.getUserIDFromPhone(payload.identifier);
    return {
      userID: userID,
      err: null
    };
  },
  // ---------

  // Change Country Code
  CountryCode: ["+62"], // IT HAS TO BE AN ARRAY

  // Styling
  ButtonBackgroundColor: "#000000",
  ButtonTextColor: "#ffffff",
  ButtonText: "Sign Up Now",
  ErrorColor: "#ff0000",
  
  // Event Name in the Event Response
  EventName: "LOGIN_EMPLOYEE",
  
  // Allow OTP as a fallback method for TrustedDevice
  AllowOTPFallback: true,

  // Skipping RedirectURL and receive event response in OnSuccess
  SkipRedirectURL: true,
  
  // Change the prompt message
  AuthRequestText: {
    title: "Approve this login from your phone",
    subtitle: "A notification is sent to your trusted device to confirm it's you",
    image: "https://yourwebsite.com/image.png",
    titleError: "Something went wrong",
    subtitleError: "We are unable to confirm it's you, please try again",
    imageError: "https://yourwebsite.com/image.png",
    imageSuccess: "https://yourwebsite.com/image.png",
    switchOTPText: "Authenticate with OTP instead"
  },
  
  // Receive error message
  OnError: payload => {
    console.log("ERROR", payload);
  }
};

Description

RedirectURL

We will send a JSON Object to this backend URL. The JSON Object will have the following format:

{
  "ID": 2397,
  "CreatedAt": "2020-04-01T05:28:12.540127Z",
  "UpdatedAt": "2020-04-01T05:28:16.599833Z",
  "DeletedAt": null,
  "client_user_id": "<YOUR USER ID>",
  "issuer": "<YOUR API KEY ID>",
  "event": "LOGIN_WEB",
  "ip": "123.347.26.236",
  "location": "San Mateo",
  "timestamp": "1585718892",
  "method": "TRUSTED_DEVICE",
  "new": false,
  "approved": true,
  "signature": "reBafVsmpxO7km5jpRQ3xA..."
}

Description:

payload.client_user_id

Contains your user's user_id that you used when registering the user to Cotter. This should be the user_id from your backend.

payload.event

The event tag that you specified. The default value is LOGIN_WEB. You should specify this with a relevant tag, like WITHDRAW ,PAYMENT ,etc. You can specify it using the EventName attribute in the config.

Validate the event response

You should validate the event response to make sure it comes from Cotter's server

Skip RedirectURL

If you want to handle Cotter's Event Response in a function instead of sending it to your backend redirect_url, you can specify

{
  ...
  SkipRedirectURL: true,
}

When this is true, the JSON payload as specified in RedirectURL section will be passed into your OnSuccess function.

OnBegin

This function will be invoked before the Login process. You are expected to return a user_id at the end of the function. You will receive the following payload as a parameter to your function

Payload passed into your OnBegin function

var payload = {
  identifier: "+12345678910",
  identifier_type: "PHONE",
  device_type: "BROWSER",
  device_name: "Chrome ..."
};
  1. You can do a check against the identifier here before the form is submitted.

  2. You should get the user_id based on the identifier in your backend (or use the identifier if that's what you used). This should be the same as the user id used in the Required Steps.

A. If there is no error:

return {
    userID: "<your-user-id>",
    err: null,
}

B. If there is an error:

return {
    userID: "anything",
    err: "Error message",
}

Example:

 OnBegin: payload => {
  if (payload.identifier != "+12345678910") {
    return {
      userID: null,
      err: "Phone Number is not allowed",
    }
  }
  // No error, continue submission
  var userID = this.getUserIDFromPhone(payload.identifier);
  return {
    userID: userID,
    err: null,
  };
},

OnSuccess

This function will be called after the call to RedirectURL is successful. Your function will receive the payload returned from RedirectURL.

It is recommended to set your sessions or cookies here, and then redirect to another page in your website. For example:

OnSuccess: payload => {
  // You can set your own sessions for your website
  window.localStorage.setItem("access_token", payload.access_token);
  window.localStorage.setItem("refresh_token", payload.refresh_token);
  window.location.href = "/dashboard";
};

OnSuccess when SkipRedirectURL is true

When you set SkipRedirectURL: true , OnSuccess will instead receive the JSON Event REsponse that was described in RedirectURL section.

CountryCode

The default value is CountryCode: ["+1"];

If you specify this, you have to use an array even though you only need 1 country code!

ex. with 1 country code

CountryCode: ["+1"];

ex. with 2 country codes

CountryCode: ["+62", "+91"];

Currently, the only available countries are United States, India and Indonesia. Chat us on Intercom if you need other countries, we just need to switch it on.

AllowOTPFallback

If you set this to true, your users will have the option to use OTP to login/authenticate. You should set OTP Fallback as true in your dashboard under Rules.

Last updated