Re-sending verification link after verification token expires
What's the correct pattern to allow re-sending a verification link if the user waits until after the verification token has expired to click the verification link?
(1) - UX pattern - I could check the query string for error=token_expired and provide some UI where they can enter the email address they signed up with to get a new verification link sent to them. Is there a better UX here?
(2) - generating verification token - not sure how to generate the token that sendVerificationEmail expects
(I know that attempting to log in before your email is verified will send a verification email, but I'd rather just let users enter their email address to get a new verification email, I don't see the need for a password here)
3 Replies
May not be a bad idea for us to implement it natively with a config but for now you could check how we construct verification token and use that to send on error using hooks
I used https://www.better-auth.com/docs/authentication/email-password#triggering-manually-email-verification
I am confused on error=token_expired as well, can server send back the email? if token expired, the whole url change only show error=token_expired, manually let user reinput their email is not a good idea.
Email & Password | Better Auth
Implementing email and password authentication with Better Auth.
yeah currently, it only shows an error - it doesn't resend the verification email or return the email in the payload. But, you can send a custom URL for the email verification link, and verify the token yourself. if the token has expired, you can call sendVerificationEmail again. If it hasn't, you can proceed with
authClient.verifyEmail