Is it valid to throw a redirect inside of the authentication function? #161

vedantroy · 2022-04-17T21:22:07Z

vedantroy
Apr 17, 2022

I'm using https://github.com/TheRealFlyingCoder/remix-auth-socials
I was wondering if it is possible to throw a redirect inside of the login function.
For example:

If the user logs in with their Google account, but the Google account is not inside the database -- then I want to redirect them to a signup screen where they can fill in some relevant information.

export const authenticator = new Authenticator<UserSession>(sessionStorage);
authenticator.use(
    new GoogleStrategy({
        clientID: process.env.GOOGLE_CLIENT_ID,
        clientSecret: process.env.GOOGLE_CLIENT_SECRET,
        callbackURL: `http://localhost:3000/auth/${SocialsProvider.GOOGLE}/callback`,
    }, async (oauth) => {
        const { profile: { displayName, _json } } = oauth;
        const { sub } = _json;
        const user = await getUserFromGoogleIdentity(sub);
        // can I do this?
        if (user === null) throw redirect(...)
        return user
    }),
    "google",
);

Answered by sergiodxa

Apr 17, 2022

Any error throw from the verify callback (the callback of the strategies) is caught by the Authenticator, then if you set failureRedirect when calling authenticator.authenticate then the library will get the error.message and set it on the session before doing a redirect.

Usually that should be enough, so you could setup any redirect using that option. But if you want to redirect directly from verify callback you could don't pass failureRedirect and instead pass the throwOnError option which will re-throw the error from the verify callback which will let you throw redirects.

That said, I don't recommend you to throw redirects from the verify callback, that will mix your business logic of …

View full answer

sergiodxa · 2022-04-17T22:04:44Z

sergiodxa
Apr 17, 2022
Maintainer

Any error throw from the verify callback (the callback of the strategies) is caught by the Authenticator, then if you set failureRedirect when calling authenticator.authenticate then the library will get the error.message and set it on the session before doing a redirect.

Usually that should be enough, so you could setup any redirect using that option. But if you want to redirect directly from verify callback you could don't pass failureRedirect and instead pass the throwOnError option which will re-throw the error from the verify callback which will let you throw redirects.

That said, I don't recommend you to throw redirects from the verify callback, that will mix your business logic of how to verify the user with the HTTP layer (redirects), instead you could throw directly from the verify callback and redirect in the loader or action where you call the authenticate method.

2 replies

vedantroy Apr 17, 2022
Author

Sorry, that last part was a bit confusing -- I read "I don't recommend you to throw redirects from the verify callback," and then I also saw "instead you could throw directly from the verify callback", could you clarify the distinction?

sergiodxa Apr 18, 2022
Maintainer

Throw an error from the verify callback, redirect from the loader/action function calling authenticate.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Is it valid to throw a redirect inside of the authentication function? #161

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 2 replies

{{title}}

{{title}}

{{title}}

Select a reply

Is it valid to throw a redirect inside of the authentication function? #161

vedantroy Apr 17, 2022

Replies: 1 comment · 2 replies

sergiodxa Apr 17, 2022 Maintainer

vedantroy Apr 17, 2022 Author

sergiodxa Apr 18, 2022 Maintainer

vedantroy
Apr 17, 2022

Replies: 1 comment 2 replies

sergiodxa
Apr 17, 2022
Maintainer

vedantroy Apr 17, 2022
Author

sergiodxa Apr 18, 2022
Maintainer