hi guys, what's the best flow for the social login...
# support-questions
hi guys, what's the best flow for the social login/signup with additional fields? Basically, this is what we wanna do.... Sofar, logging in works with social My idea is to use the JWT payload if userId is provided (userId from own database) Problem with that approach is, if user doesnt finish the signing up process, user is still registrered in supertokens and not deleted....
this is a good question
You can have a cronjob somewhere which checks for these users and then calls the delete API in supertokens
Alternatively, you can insert the user in your db on login / sign up, but in the session, you can save a flag indicating if they have provided the required fields or not. If they haven't you don't give them access to your backend routes (except for the one in which they can submit the fields), and on the frontend, you always redirect them to the page asking them for the fields. Once they have successfully given the fields, you can modify the session payload accordingly and then they will have access to the app.
Hey! Right, i'll go for the cronjob approach... Problem is that some fields are required in our database, so can't flag them there. I use JWT, so i'll return a nullish userId, and will redirect to the screen
Thanks for thinking with me! 👍
quick question, is it fine to map user from own db > with supertokens db based on the email
Copy code
              createNewSession: async function (input) {
                const userInfo = await ThirdPartyEmailPassword.getUserById(input.userId)

                const user = await sdk.getUserByEmail({ email: userInfo.email })
this is our logic don't see any reason to store supertokens user-id in our own db right?
Ideally you want to use the supertokens user ID cause the email of the user can change from the social provider's side, without their social provider's user ID changing.
ah okey, thnx!
hey, quick question... any way to refresh session on the frontend?
yes. There should be a function in the session recipe called attemptRefreshingSession
ye, i ment, the last step of this diagram


so, fixed all steps... problem is when user register in database
i need to refresh the session with new payload
You can use session.updateAccessTokenPayload function for that