emailPasswordAuth.registerUser not confirming new user or creating custom user data

Hey there!

I’m using the realm-web SDK and emailPasswordAuth. When I try to programmtically create new users with the realm-web SDK it doesn’t confirm the new users or create the new user’s custom data record. In the Realm UI, I have the Email/Password authentication provider enabled and configured with User Confirmation Method set to Automatically confirm users. All changes are published.

When I create a new user on the Realm UI, the new user is created and confirmed, causing the function that generates custom data to fire and the custom data to be created. This works without any trouble.

The same is not true for my application. I’m using NextJS and I have realm-web set up in a context provider as per the Realm Web App with React, JavaScript, and GraphQL tutorial. I have the instance of the Realm app bound to a variable called app. When I call app.emailPasswordAuth.registerUser, it registers the user but doesn’t automatically confirm the user, putting the user in the list of pending users and not creating the user’s custom data object.

Unlike the Realm UI, new users created with emailPasswordAuth.registerUser are created in a pending status.

The user’s custom data isn’t being created until after the user logs in, which is problematic as the user’s custom data is what I can query and display on my web app. My current workaround is creating an API route that spins up an edge function which loads an instance of headless Chrome, logging the user in and out, then returning an HTTP status. It’s really not great for a ton of reasons.

The logs only indicate that an authentication action took place. There’s no indication of any issues.

Changing Authentication on the Realm function that is creating the new user documents has no effect on the outcome of calling app.emailPasswordAuth.registerUser.

I’m at a loss. How do I confirm new users and create custom user data using realm-web's emailPasswordAuth?

I’m still struggling here. Has anyone seen this before or know how to resolve it?

The creation of Realm users is a little odd.

You’re correct that the user isn’t confirmed until they log in for the first time.

Not sure what the logic flow of your app is, but one option is to store the data against an anonymous user and then have a Realm authentication trigger copy that into the final custom_data document when the user logs in for the first time (Action Type == Create).

1 Like

Thanks for getting back to me, @Andrew_Morgan .

This is pretty much what we’re doing. The challenge is that unless we keep the custom user data cache in with the real custom user data records new users that have not logged in cannot be queried and their data cannot be rendered. They’re effectively ghosts until they log in. Keeping what is effectively temp data in with other user data seems like bad mojo, as document IDs for temp data are effectively orphaned. Maybe I’m off base on this. It feels like DB code smell to me though.

Our use case is a multi-tenant application where tenants are organizations and organization have admin users who can create new users. User data is drawn from the collection of custom user data. Having a way to create a custom user data document that is connected to its Realm user without requiring the new user to log in or without polluting our collection of custom user data with cache data for ghost users is what we’re trying to achieve. In the absence of this and without executing another workaround, newly created users just don’t show up (only custom user data can be queried, so only users with custom user data show up). This is miserable UX for our users.

To get around this, we’ve built this (frankly crazy) edge function which spins up headless Chrome and logs the user in, after which we send new users a gussied up password reset email that looks like a registration invitation. It’s not great and takes around 10 seconds to execute.

Am I understanding you correctly that apart from workarounds or polluting our collection of user data that is linked by _id to the Realm user objects (which we cannot access), there is no way to generate custom user data records at the time of registration without having the user actually login? Beyond this use case, having the system be this rigid has rough implications for seeding new users during migrations.

My experience is that when I see something that feels like an oversight it typically means that I’m ignorant, as the products I integrate with are built by engineers who typically understand the problems they’ve built around far better than do I. I’m rooting for my ignorance over what feels like a product oversight on this one.

It seems like there is currently no functional solution for this use case with Realm Auth. Switching to another Auth provider (next-auth in my case) and using Realm JWT auth resolves this problem.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.