Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
b
Bralz
11/28/2022, 3:50 PMHello two quick questions about this service. 1) Can I use username/password for logins? 2) I need a webhook/actions api to run some javascript on user signups.. Is this available?
r
rp
11/28/2022, 3:59 PMhey @Bralz
yes you can do both.
1) use the emailpassword login recipe and modify the email validators to accept any string. You can change the label on the frontend pre built UI to change "Email" to "Username" using the language translation feature.
2) We use the concepts of override (like in inheritance), using which you can modify the logic for any API exposed by supertokens. For example, see this on how to do post sign up stuff: https://supertokens.com/docs/emailpassword/common-customizations/handling-signup-success
b
Bralz
11/28/2022, 4:06 PMOk cool so then if I'm overriding the emailPassword stuff for a username, but still want an optional email address for each user, I would just add another metadata field for the email?
r
rp
11/28/2022, 4:09 PMYea.. but instead of storing the email in metadata, you should store in your own db cause then you can enforce uniqueness of emails.
Also, you may want to override the reset password related functions to get the email from your db (if it exists), instead of using our default impl, which will get the username, which ofc won't work.
b
Bralz
11/28/2022, 4:12 PMYes I am also making a MongoDB for some user specific data. So I can just use supertokens for auth and push everything else into the mongo user entry
r
rp
11/28/2022, 4:15 PMyea. Pretty much
b
Bralz
11/29/2022, 3:04 PMOne last question. Each user is going to get generated a key that needs to be encrypted at rest like a password. Would supertokens or my mongodb be the better choice for where to safely store this?
r
rp
11/29/2022, 3:15 PMIf you want to always fetch the that key from the userId, then you can use the supertokens metadata recipe to store it against the user.
If you want to fetch that key based on some other criteria other than the user Id, then you should store it in your own db.
b
Bralz
11/29/2022, 3:18 PMOk thanks.