https://descope.com logo
Join Slack
Powered by
Hello again! I already have integrated Descope cli...
# ask-a-descoper
d
Hello again! I already have integrated Descope client SDK with my nextjs app. However, I have noticed taht even with Google Auth or Microsoft Auth, my user is succesfully verified only when I send the first OTP code that the app shows up. If I wait a while after read the QR code, and then I try to send the current OTP code, the verification fails. Why am i doing wrong?
s
When you say Google/Microsoft auth, you mean the Authenticator apps of these companies ?
d
yes
s
Ok ,why you call it OTP code ? You mean the TOTP code ?
d
yes
my bad
TOTP
s
How much time do you wait that it doesn't work ? There is some duration limit for security reasons
d
just leaving the fisrt pass , and try maybe the second code the app is showing, it is enough for a failed response
i am doing this because some users are not fast enough to get the first one
or they are maybe distracted
s
So you are basically sending 2 codes ?
d
No, only one code after reading the QR. But if i send the first code that the app shows, I recieve a successful verification, but if, instead, i decided to wait and send to descope the second, third o fourth code after reading the QR code, then Descope sends me a failed verification
all this is in a registration process
this is when i am registraring a user, that´s why i am reading the qr code
s
Ok, I better understand the issue now Looping in @some-librarian-64280 @salmon-night-88354 if they saw this before Will try to dig on this one
d
thanksss
s
@dazzling-jordan-63317 you use flows for the TOTP ? if so, can you send a screenshot of the flow you use ?
d
no, sdk client
directly in my code, i make de calls to tghe api by the sdk.
do you want me to share the component
s
can yuo send me the code snippets you use ?
d
?
one sec
s
also send the project ID
plz
d
TOTPAuth.js
TOTPAuth.js
s
I think I see the issue
I see in logs you get 
Failed to generate TOTP - user already exists
can you delete the user from user table , and try again ?
d
now it is deleted,
s
and when you try now ? does it work ? TOTP on attempt 2 ?
d
now it is working fine, however, i also decided to move const descopeSdk = DescopeSdk({ projectId: "P2PemPLCP7Nl4QjwyuckCB8BeQST" });
at the top of the compoenent, as a global instance
s
that makes sense
d
and avoid the double instanciation
s
yes, that is something to fix anyway
d
becuase i loaded the descopesdk inthe useEffects and in the onChangehandler
i will keep testing on it, if the problem comes back i will text you
s
sure thing !
but remember, register (signUp) you can only do once for user after that you use 
signIn
d
ok
thanks you one more time
s
of course , NP !!
also, let me know what error you got on this line before:
Copy code
console.log("Error Description: " + resp.error.errorDescription);
want to make sure you got informative error, if not, will fix that
d
it used to be
errorCode: E061102
errorDescription: "One-time code is invalid"
errorMessage: "Unauthorized login attempt in verify code"
@square-vr-55083 after finish the signup and verification process with my TOTP implementation, in the Descope dashboard the new user appears with unverified email and phone. How can I verify them? Without it it is not possible to sign up with other alternative like, for instance, magic link.
In m app I want to sigup with TOTP and after that, the signin process will be magic link + totp
s
few options for that 1. Use a backend MGMT sdk, to update the email as verified, this is a node example https://github.com/descope/node-sdk/blob/7338a862729a813c1278d400677775c04f30ef9b/lib/management/user.ts#L220 2. Use Flows, in the sign in flow, check if email is verified , if not use update email action with magic link/email otp/enchanted link
3. updateEmail from client/frontend side , looking for a good example for that, @salmon-night-88354 @breezy-evening-56597 do you happen to have ?
s
@dazzling-jordan-63317 - the user can update their email/phone. API: https://docs.descope.com/api/openapi/magiclink/operation/UpdateUserEmailMagicLink/ https://docs.descope.com/api/openapi/magiclink/operation/UpdateUserPhoneMagicLinkSMS/ Backend is possible as well, but I need to update our docs for that. If you want to do it in the backend, would you be using node, go or python? Give me a minute to test with flows. It's likely doable in flows too. Just a moment.
d
my stack is nextjs in the client and python in the backend
so answering your question, if i have to do it in the backend, i will go with python
i can not use your flows because i want to have some freedom in the in between of steps to verify info and do customs tasks of the bussines logic
for my solution
what do you think, can I go with this snippet in one endpoint of my api backend
Copy code
# Args:
#   login_id (str): The login ID of the user to update the email for.
login_id = "xxxx"
#   email (str): The new email address for the user. Leave empty to remove.
email = "<mailto:xxxx@xxxxxx.xxx|xxxx@xxxxxx.xxx>"
#   verified (bool): Set to true for the user to be able to login with the email address.
verified = True # or False

try:
  resp = descope_client.mgmt.user.update_email(login_id=login_id, email=email, verified=verified)
  print ("Successfully updated user's email address.")
  print(json.dumps(resp, indent=2))
except AuthException as error:
  print ("Unable to update user's email address.")
  print ("Status Code: " + str(error.status_code))
  print ("Error: " + str(error.error_message))
and the same for the phone number, i will make a request to such endpoints from th nextjs client app, just after the totp signup process finished.
s
So there's a few things. Do you have time for a quick zoom?
d
we can go here if you want
i am having troubles with zoom
these days
s
So, the mgmt route will force the verified. From the backend, you can also call the update email and phone methods. 
descope_client.magiclink.update_user_email(login_id=login_id, email=email, refresh_token_refresh_token)
descope_client.magiclink.update_user_phone(login_id=login_id, phone=phone, refresh_token=refresh_token)
These will take the refresh token from the TOTP sign up, and then send magic link to the email and phone.
d
ok, i will try it on
these snipptes you are sharing me, are they in the descope docs
?
any way, thank u very much, i will let you know if all ends well 🙏🙌👍
you are doing a fantastic job developing this tool. amazing!
s
They're currently missing from the docs. I will get docs updated. You can see them here: https://github.com/descope/python-sdk/blob/main/descope/authmethod/magiclink.py Keep me posted on your testing. Our R&D team is amazing to work with! We appreciate the feedback!
Open in Slack
PreviousNext
Powered by