Skip to content

Feature Request: Support custom profile fields in Email OTP provider #166

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
nishilfaldu opened this issue Feb 20, 2025 · 0 comments
Open

Feature Request: Support custom profile fields in Email OTP provider #166

nishilfaldu opened this issue Feb 20, 2025 · 0 comments

Comments

@nishilfaldu
Copy link

Description

When using the Email OTP provider (@convex-dev/auth/providers/Email), there's currently no way to pass additional user profile information during the authentication process, unlike other providers such as Password authentication which support a profile method.

Current Behavior

Currently, when using Email OTP authentication:

  1. We can pass data from client to backend using FormData
  2. The createOrUpdateUser callback receives this data, but custom fields are not accessible through args.profile
  3. This forces us to implement workarounds like updating the user document after authentication

Example of current implementation:

// Client side (verify-email.tsx)
const formData = new FormData();
formData.append('email', email);
formData.append('firstName', firstName);  // Custom field
await signIn('resend-otp', formData);

// Server side (ResendOTP.ts)
export const ResendOTP = Email<DataModel>({
  id: "resend-otp",
  apiKey: process.env.AUTH_RESEND_KEY,
  maxAge: 60 * 20,
  // No way to access custom fields here
});

Desired Behavior

Similar to the Password provider, it would be helpful to have a profile method in the Email provider configuration:

export const ResendOTP = Email<DataModel>({
  id: "resend-otp",
  apiKey: process.env.AUTH_RESEND_KEY,
  maxAge: 60 * 20,
  profile(params, ctx) {
    // ctx can also be used here to update other user fields
    return {
      email: params.email as string,
      firstName: params.firstName as string,
      // Other custom fields
    };
  },
});

This would allow:

  1. Type-safe access to custom fields
  2. Validation of fields during authentication
  3. Consistent behavior with other authentication providers
  4. Cleaner implementation without needing post-authentication updates

Use Cases

  • Collecting user details during registration (name, preferences, etc.)
  • Setting user roles or permissions during signup
  • Storing additional metadata about the authentication process
  • Creating complete user profiles during the initial authentication

Workaround

Currently using a workaround by updating the user document after authentication is successful:

useEffect(() => {
  if (isAuthenticated) {
    updateUser({
      firstName: params.firstName,
      lastName: params.lastName,
      // Other fields
    });
  }
}, [isAuthenticated]);

This works but:

  1. Requires an additional database operation
  2. Creates a small delay in having complete user data
  3. Could potentially lead to race conditions
  4. Less elegant than handling it during the authentication process

Additional Context

This feature would bring the Email OTP provider in line with other authentication providers - Anonymous and Password in terms of functionality and would improve the developer experience when implementing email-based authentication flows.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nishilfaldu