Next.JS. I've got a simple example site working wi...
# support-questions-legacys
stevie_80460
11/11/2023, 8:28 AMNext.JS. I've got a simple example site working with the whole app secured.
Example based on this:
https://www.permit.io/blog/nextjs-passwordless-authentication-with-supertokens-and-twilio
I now need to move the secured pages to their own directory structure so I have a public user area and as logged in user area.
I simply moved the secured page to "/pages/secure" and tweaked the path in config
Copy code
const apiBasePath = "/api/auth/";
export const websiteDomain = `http://localhost:${port}`;
export const appInfo = {
appName: "SuperTokens Demo App",
websiteDomain,
apiDomain: websiteDomain,
apiBasePath,
websiteBasePath: "/secure",`
};Session.Error.UNAUTHORISED Copy code
async function loginClicked() {
router.push("/secure");
}r
rp_st
11/11/2023, 8:50 AMHey.
rp_st
11/11/2023, 8:51 AMThat blog may be quite outdated. Did you see our integration steps on our website? You should follow those.
s
stevie_80460
11/11/2023, 9:27 AMThanks. I've read extensively on your web site. I'm in the process of building something following the most up-to-date versions. But it was good to get a quick proof of concept working - and I can use that as a baseline to sanity check the inevitable mistakes I'll make on the way. Just need to get the disable-sign-up working now...
stevie_80460
11/11/2023, 9:28 AMI also found this - excellent docs.
https://supertokens.com/docs/passwordless/common-customizations/changing-base-path/website-base-path
stevie_80460
11/13/2023, 7:56 AMI have managed to get passwordless login working. It works well. And to try to get invites working, I have reached the end of this instruction:
https://supertokens.com/docs/passwordless/common-customizations/disable-sign-up/passwordless-via-allow-list
and
https://supertokens.com/docs/passwordless/common-customizations/disable-sign-up/passwordless-via-invite-link
But I am puzzled by how to actually call the functions -
> We can add emails / phone numbers to the allow list by calling the addEmailToAllowlist / addPhoneNumberToAllowlist function we implemented above.
I'm assuming I call the managed dashboard with Postman for that one - like changing user passwords - but get "Not found" when I try various guesses at what to hit.
And the
createUser/api/authr
rp_st
11/13/2023, 8:07 AMthe way to manage the email allow list is to store it in your own db. We don't have functions for that. The code snippets in the docs are just a reference.
s
stevie_80460
11/13/2023, 8:38 AMAh - OK. I can work on that.
But calling the
createUserstevie_80460
11/13/2023, 8:40 AMActually, the allow list should presumably be everyone already signed up by invite. I'm guessing there should be a way to list those without the need for a separate database.
- existing user - let them log in
- new attempt - block them
r
rp_st
11/13/2023, 8:56 AM> But calling the createUser for the invite - I guess I need to go back and do a bit of reading and setup about creating admin users. Then call that funtion on my own API?
Our sdk does have a function to create the user -
Passwordless.signInUprp_st
11/13/2023, 8:57 AMfor the allow list, it's only about users who are allowed to sign up. If you see the code in link 1, the funciton
isEmailAlloweds
stevie_80460
11/13/2023, 9:29 AMOK - now got the invite thing working to the point where I can create the new user in the database with email verified.
I now notice:
// TODO: send inviteLink to user's email
Will read up on how to do that.
r
rp_st
11/13/2023, 9:55 AMyou can just use some library that you want to use to send emails there. We don't have an invite email template.
s
stevie_80460
11/13/2023, 9:57 AMOK - that explains why I couldn't find the template. Is there a hook into the Supertokens outgoing SMTP or do I need to hard code in my own?
r
rp_st
11/13/2023, 9:58 AMyou should use your own
s
stevie_80460
11/13/2023, 10:01 AMThanks
3 Views