Enforce Email Domain Restriction with Google Sign-In
https://www.better-auth.com/docs/concepts/hooks#example-enforce-email-domain-restriction
Is there an easy way to do the same as the example above, but when using Google as a social sign in? I use Google Workspace at my work and we have custom domains, so I want to be able to verify if we're logging in with a Google account from that workspace. I'd like to be able to change where I'm sending the user depending on their email.
I've tried many things, like throwing
APIError inside of mapProfileToUser or getUserInfo, but it doesn't trigger a redirection to /api/auth/error, which I could have short-circuited to maybe do what I want, but it didn't work out.
As far as I can see there's no easy way to intercept/read data as you're trying to log in through a social provider, only when creating an account, through database hooks, but I would like to intercept any sign-in whatsoever.Hooks | Better Auth
Better Auth Hooks let you customize BetterAuth's behavior
6 Replies
also it looks like
disableSignUp is not working. I have it set to true and it is still creating a user when it doesn't exist.could you confirm me if this is still the case on latest? 1.2.5
I'll try to take a look when I can, any ideas for what I posted initially though?
You can do that using database hooks instead
On before create user
I figured I could do that yes but I'd like to make the check on every login if possible, there just isn't any mechanism for it
for every login, you can do before create session.