Still very much learning WeWeb in’s and out’s along with Xano. My coding knowledge is limited so this has been a real experience. I’m in the initial phases of setting up login, sign up, password reset logic. I’m not a fan of the way the Xano plugin for sign up immediately authenticates a user without verifying password. So, I created a little work around. Technically, it’s not doing much other than requiring the user to verify a password through the use of a verification code. This is set in the Xano API and then uses SendGrid to send the verification code via email. When a user signs up it simply redirects to the verification code screen awaiting the entry of the code. However, technically they are authenticated and if they new the proper route could by-pass this. I have set some user_is_active booleans in Xano so it does check against this and redirects.
Now, I’m at a point of setting a password reset. I’m again using a verification code along with email. If both check out it creates a auth token. At which point the user is directed to the change password form. So when I hit the API call that creates the auth token I can see it as data in the workflow. I can even use the Store Auth Token to store the token from the results of the previous action. However, the user is not technically authenticated. I simply have an auth token. My question is with the auth token how am I going to authenticate the user in WeWeb in order to capture the Auth/Me info? As it stands I can not see any user data which is why I assume even with the auth token issued and captured I’m not technically authenticated at least not within the structure of WeWeb.
