I have disabled signup. I want to create records i...
# helpr
RichCorbs
09/01/2021, 2:33 AMI have disabled signup. I want to create records in the public.users table and then corresponding records in the auth.users table via trigger/function and I have this working BUT the auth.users records are not exactly the same as what gets created when signup is enabled. The encrypted password and confirmation token fields are not populated. When this new user tries to sign in it returns "user not found" or something like that. Any ideas on what I should be doing differently?
RichCorbs
09/01/2021, 2:39 AMAre there somehow hidden functions/triggers that create these values? I cannot see any in the database.
RichCorbs
09/01/2021, 3:25 AMI get
Database error finding userRichCorbs
09/01/2021, 3:44 AMThe only difference between the signUp-generated auth.users records and mine are the encrypted_password and confirmation_token fields. I'm giving up for the night. Same error as above.
RichCorbs
09/01/2021, 5:32 AMI tried both security/permission choices on the functions. I thought for sure "run as creator" would fix it but no luck.
j
jason-lynx
09/01/2021, 7:09 AMyou mean after you pass in your own encrypted password and confirmation token to
auth.usersjason-lynx
09/01/2021, 7:10 AMbtw any reason for going from
public.users -> auth.usersr
RichCorbs
09/01/2021, 12:46 PMThanks for looking. Yes, my trigger function creates the auth.users record manually and I don't know the function/algorithm for generating those two fields. They are not empty if I put something in them.
I get the error above after (1) creating the new user in public.users, (2) after the trigger function creates the new auth.users record, and (3) after submitting just the new user's email address to sign in via magic link.
For my application I don't want (1) users to be able to sign up, (2) I don't want to have to create all new users myself in the dashboard, and (3) I've created UI for teams to add their own users in
public.usersRichCorbs
09/01/2021, 4:08 PMReporting back for posterity.
OK, so signing in with just email calls /magiclink which ALWAYS creates a new auth_user. Which isn't what I'm after. I'm after a kind of "pre-approved user" model.
The workaround for me was:
- I created a function that queries auth.users for an account with an email that matches.
- I call that function via rpc and pass in the email.
- If the email returns 1 I continue and call signIn.
- If the email returns 0 I display an error message.
- When I create a public.users record I will also call "signUp" for that user from the front end.