Checking the email or phone before sending a verification code

PreviousCustomize the Form NextSending Code or Link via WhatsApp

Last updated 4 years ago

Checking the email or phone before sending a verification code

You can call a function to check the entered email or phone before we send a verification code or magic link.

Use case

You only allow specific list of pre-screened phone numbers or emails
You want to know if the user is already registered, and redirect them to a Login page instead
You want to check if the email is from a certain domain

Check out this .

Implementation

var cotter = new Cotter("<YOUR_API_KEY_ID>"); 

cotter
  .signInWithLink(myOnBeginFunction) // 👈 Pass in your function here
  .showEmailForm()
  .then(payload => {})
  .catch(payload => {});

The `OnBegin` function specification

This function will be invoked before we send the verification code or magic link. You will receive the following payload as a parameter to your function

Payload passed into your OnBegin function

var payload = {
  identifier: "+12345678910",
  identifier_type: "PHONE",
  device_type: "BROWSER",
  device_name: "Chrome ...",
  client_json: { // This is available if you set up AdditionalFields
    "name": "Hello World",
    "address": "Street Address"
  }
};

You can do a check against the identifier here before the form is submitted.

If you include OnBegin key, you have to either return an error string, or return null if you want to continue the authentication process:

A. If you want to continue submission:

return null;

B. If you want to stop submission with an error:

return "Your error message";

Example with sync function:

 const myOnBeginFunction = payload => {
  if (payload.identifier != "+12345678910") {
    return "Phone Number is not allowed";
  }
  // No error, continue submission
  return null;
}

Example with async function:

 const myOnBeginFunction = async (payload)=> {
    try {
     let allowed = await checkIfPhoneAllowed(payload.identifier);
     if (!allowed) {
       return "Phone Number is not allowed";
     }
    } catch (e) {
     return e.message; // Make sure this is a string!
    }
    // No error, continue submission
    return null;
}

You should also check the email when Verifying the JWT Token

PreviousCustomize the Form NextSending Code or Link via WhatsApp

Last updated 4 years ago

You can call a function to check the entered email or phone before we send a verification code or magic link.

Use case

You only allow specific list of pre-screened phone numbers or emails
You want to know if the user is already registered, and redirect them to a Login page instead
You want to check if the email is from a certain domain

Check out this .

Implementation

var cotter = new Cotter("<YOUR_API_KEY_ID>"); 

cotter
  .signInWithLink(myOnBeginFunction) // 👈 Pass in your function here
  .showEmailForm()
  .then(payload => {})
  .catch(payload => {});

The `OnBegin` function specification

This function will be invoked before we send the verification code or magic link. You will receive the following payload as a parameter to your function

Payload passed into your OnBegin function

var payload = {
  identifier: "+12345678910",
  identifier_type: "PHONE",
  device_type: "BROWSER",
  device_name: "Chrome ...",
  client_json: { // This is available if you set up AdditionalFields
    "name": "Hello World",
    "address": "Street Address"
  }
};

You can do a check against the identifier here before the form is submitted.

If you include OnBegin key, you have to either return an error string, or return null if you want to continue the authentication process:

A. If you want to continue submission:

return null;

B. If you want to stop submission with an error:

return "Your error message";

Example with sync function:

 const myOnBeginFunction = payload => {
  if (payload.identifier != "+12345678910") {
    return "Phone Number is not allowed";
  }
  // No error, continue submission
  return null;
}

Example with async function:

 const myOnBeginFunction = async (payload)=> {
    try {
     let allowed = await checkIfPhoneAllowed(payload.identifier);
     if (!allowed) {
       return "Phone Number is not allowed";
     }
    } catch (e) {
     return e.message; // Make sure this is a string!
    }
    // No error, continue submission
    return null;
}

You should also check the email when Verifying the JWT Token

When a user logs in to Cotter, that you can send to your backend API to authorize a request. This access token contains the user's email or phone number. You should check if the email or phone number is allowed to log in in your backend server in addition to the OnBegin function.

Use case

Implementation

The OnBegin function specification

You should also check the email when Verifying the JWT Token

Use case

Implementation

The OnBegin function specification

You should also check the email when Verifying the JWT Token

The `OnBegin` function specification

The `OnBegin` function specification