Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Add flowContext arg to shouldDoAutomaticAccountLinking

Status:
accepted
Deciders:
rishabhpoddar, bhumilsarvaiya
Proposed by:
rishabhpoddar
Created:
2022-12-01

Context and Problem Statement#

Developers may want to control when automatic accout linking can happen. For example, they may want that in the sign up API, but not in the password reset API.

So how can we allow them to control this?

Considered Options#

  • Add an extra argument to the function called flowContext which will contain info about the context.
  • Not to provide any such context and keeps thing simple
  • Implement this using canLinkAccount and canCreatePrimaryUser functions
  • Use session container object as one of the args for the function

Decision Outcome#

Option chosen: Add an extra argument to the function called flowContext which will contain info about the context.

The type of flowContext is:

flowContext: {    fromAPI: "RESET_PASSWORD" | "LINK_ACCOUNT_TO_EXISTING_ACCOUNT"    willNewUserBeCreated: boolean,    willUserIdChangeOfExistingUser: boolean} | {    fromAPI: "SIGN_UP"} | {    fromAPI: "EMAIL_VERIFICATION",    willUserIdChangeOfExistingUser: boolean}

By default, we API for post login account linking will use this argument to return shouldRequireVerification as false.

Pros and Cons of the Options#

Add an extra argument to the function called flowContext which will contain info about the context.#

  • More control to the developer
  • The SDK by default requires the use of this (in post login account linking)
  • Developers do not need to use this by deafult
  • More complex API.
  • Not to provide any such context and keeps thing simple#

  • Lesser flexibility
  • Implement this using canLinkAccount and canCreatePrimaryUser functions#

  • One lesse configutation param
  • The dev needs to write the same logic in two places if they want to provide this implementation.
  • Use session container object as one of the args for the function#

  • This won't be enough to distinguish all flows types - only between SIGN_UP and LINK_ACCOUNT_TO_EXISTING_ACCOUNT type.