Questions about Netlify Identity Serverless functions

Hey @cfjedimaster :wave:t2:

Thanks for all the context and I hope you’re enjoying playing around with Identity and Functions and how they work together :slight_smile: I’ve personally done a lot in this space recently as well. Let me try to get through some of your thoughts here.

Identity Event-triggered Functions - Of these three hooks, none are called when the user signs up via 3rd party services (e.g. login from Google, GitHub, etc.). While it’s not necessarily written out in the docs, there are other threads here on the Community that get a bit deeper into that, but the idea is that you’d probably just make a normal Function and kick it off from a web hook provided by the 3rd party. The workflow for these Identity-Functions is somewhat geared at being able to validate users before and during the signup process as to potentially block them from creating an account, but if you’re using 3rd party auth, by doing so you’re inherently unblocking folks from making accounts (3rd party registration is open to anybody with an account on the third party service)(plus, the way 3rd party auth works, you have no user metadata to filter/gate your account registration on anyway…). Presumably, all of the processing you’d want to do when using a 3rd party auth service would come after the user gets an account; which is best kicked off from a web hook on the 3rd party side because the 3rd party “sign in with” process may have its own steps to work through before hitting ‘done’. 3rd party auth services should allow you to hit a web-hook after the user is done signing up; just point that web hook at your own Netlify Function for your site and you’re free to do whatever sort of post-sign-up process you’d like :grin:

Validate vs. Signup I’ll agree with you here - the docs aren’t super descriptive on what’s what. Here’s my understanding - Validate happens once the user fills out the registration form, but before the confirmation email is sent. If you return a 200 or 204 from identity-validate, it will go ahead with the email and the user can confirm their registration with the unique token contained in that email. The impetus here is being able to filter out users by their signup handle / other signup metadata you may have in your custom signup form. E.g. you only want to allow users from email addresses to be able to sign up for an account on your site. The identity-validate function should let you control that really easily.

As an exercise in fun and brevity, that entire Function could be as simple as (lol this is ad-hoc written and untested, FYI):

// identity-validate.js
exports.handler = async (event) => ({ statusCode: /@example\.com/.text(JSON.parse(event.body) ? 200 : 403 })

As an aside, I think you have full access to the registration content that was submitted as part of the identity-validate payload, so you could hydrate user metadata here too. E.g. if your custom user signup form includes a phone number, since that would be a meta-field in Netlify Identity, you could add it here. You could also add it in identity-signup (below) so both work fine, but just calling it out since sign-ups often require more than just email/pass

On the other side of the coin, identity-signup runs after the user has completed their signup and successfully processed the valid confirmation token from their email confirmation. I like to consider this as the best place to handle “setting up user default roles and metadata” – and have used this myself a number of ways, but most commonly to assign users with a ‘default role’ for role-gated content. As mentioned above, you could also populate other metadata here from the registration form that was submitted, but I’d have to test that out myself to confirm the shape/workings of that. Here’s another example in brevity for assigning a default role to all new users:

// identity-signup.js
exports.handler = async (event) => ({ statusCode: 200, body: JSON.stringify({ "app_metadata": { roles: ["member"] } }) })

Data-shape Yeah :confused: I’ll agree with you, my friend. The docs could be better here. If they were open source I’d contribute myself :rofl: but I also agree that @futuregerald’s comment here (same link as yours) was helpful… but understanding the full data shape is tough, and I agree that you have to sleuth through some demos using the prod identity UI and Functions logging to get where we need to go. TBD on that for now; although it’s in my list of things I’d like to write about.

I hope all of that helps :slight_smile: Please let me know if you have more questions. More than happy to help on this topic. I do find that there aren’t nearly as many posts / info on the ‘deeper dev’ of the Netlify platform (e.g. Identity and Functions and Large Media – some of the deeper stuff) so I’m always happy to increase the volume of written works on these things


1 Like