Hello here, is it possible to implement number cod...
# support-questions-legacyd
dhatguy
05/23/2022, 10:45 AMHello here, is it possible to implement number code for email verification?
r
rp_st
05/23/2022, 10:46 AMhey @dhatguy
rp_st
05/23/2022, 10:51 AMYes. This is possible. However, it would require some customisation from your side:
- First, you want to provide the callback to send the email yourself. This callback takes the email verification link as one of its inputs.
- In this callback, you want to extract the one time use code from the link (it's a query param in the link), and save it against some random number code (a 5 or 6 digit code) in your db. So in your db, there will be a map from OTP code => email verification code.
- In the email, you want to send the OTP code to the user.
- When they enter the code in the app, you can call the email verification consume code API that we expose via our backend SDK.
- Finally, you want to override that API on the backend SDK side to fetch the actual email verification code from the input OTP, and then call the original implementation with it.
rp_st
05/23/2022, 10:52 AMI can probably make a demo app for this if you open an issue about this on our github.
d
dhatguy
05/23/2022, 10:54 AMOkay, thanks. I'll give it a try first and get back to you
r
rp_st
05/23/2022, 10:54 AMcool! please feel free to ask more related questions in this thread
d
dhatguy
05/23/2022, 12:12 PMI've tried to do it but didn't get it to work
dhatguy
05/23/2022, 12:12 PMI'll open an issue
r
rp_st
05/23/2022, 12:20 PMsounds good!
d
dhatguy
05/30/2022, 1:09 PM@rp_st I've been able to make it work
dhatguy
05/30/2022, 1:09 PMDo I need to store the rid too?
r
rp_st
05/30/2022, 1:12 PMnice!
rp_st
05/30/2022, 1:12 PM> Do I need to store the rid too?
Not needed.
d
dhatguy
05/31/2022, 4:30 AMalright
u
8bitjonny
10/06/2022, 9:20 AMQuick point on your suggested implementation @rp_st
There is nothing holding me back from saving that email verification code otp mapping inside the users metadata, right? Since the user must be logged in to submit the otp, I'll always have the user metadata to look it up.
Or is there something I'm overlooking in the implementation details of the user metadata feature, that makes it ill-fitted for this?
r
rp_st
10/06/2022, 11:59 AMYou could save that in the user metadata indeed. I think that would work. Just one point is that the user can generate multiple email verification links at the same time and all of them get revoked as soon as the user consumes even one of them.
u
8bitjonny
10/06/2022, 4:49 PMGotcha! Thx for the insight.
b
bian
01/17/2023, 7:24 PM@rp_st hi, is there any sample code for email verification via OTP available?
bian
01/18/2023, 3:54 AM@rp_st and also if i need to start fresh, do i have to customize UI fully to have additional OTP input page instead of email verification notice page?
r
rp_st
01/18/2023, 4:37 AMhey @bian here is an example: https://github.com/supertokens/supertokens-auth-react/tree/master/examples/with-emailverification-with-otp
I believe this answers both your questions.
b
bian
01/18/2023, 4:37 AMthanks!
4 Views