Login with authToken (MagicLink)

@aurelie @Joyce (Just moving this here to get into the right thread)

I have an endpoint that returns an authToken. I’d like to login the user on WeWeb at that point. Currently, no action exists to login to WeWeb front end with an authToken.

I have the following set up:

variables[/* xanoAuth accessToken */ 'f58 ... 4e1-accessToken'] = context.workflow['536 ... c8f6'].result['auth_token']

window.vm.config.globalProperties.$cookie.setCookie("ww-auth-access-token", context.workflow['536 ... c8f6'].result['auth_token']);

It seems to work.

Is this the correct way to do this?

I’ve copied the code from plugin-xano-auth/wwPlugin.js at main · weweb-assets/plugin-xano-auth · GitHub

I believe that I could create another version of the plugin and create a Login With Magic Link Action, but I’m afraid of messing with that and breaking everything :slight_smile:

1 Like

I don’t have an answer to your question, but I just wanted to chime in (and follow the thread) so the WeWeb team knows.

I plan to build this (Magic Link via Xano) in a client’s app in the coming weeks as well.

Hi @kevinwasie :wave:

I’ll let Aurélie answer this one, it’s too technical for me :sweat_smile:

I’m curious though. How come you manage to retrieve an authToken but the user is not logged in?

@joyce The user is logged into Xano, but not in WeWeb. This is the same thing from this post: Get Parameter from URL - #22 by Joyce

1 Like

I am checking stuff with the backend team, and will come back to you.
In the meantime, setting cookie this way works, but it’s not time proof (it may change).
@joyce can you add the action “Set cookie” to the needed feature?


Thank you.

Would an action in the auth plugins called “Login with Auth Token” be valuable?

I think many people will use this magic link feature but right now it’s difficult with needing the custom code to set the cookie and accessToken.


@kevinwasie This would be really helpful :nerd_face:


FYI, added the following to our list of user suggestions for the product team to review: Auth improvement: add the action “Set cookie” + add the action “Login with Auth Token”

We also be adding it to our public roadmap and registering your upvotes so no action needed on your part :wink:

Anything else you think might be useful @kevinwasie, @Cedric, @caffeinatedwes?


Thank you, Joyce!

The set cookie action and the login with auth token action are the biggest, but it might be nice if there was a way to auth manually (ex. enter your auth token") instead of having to trigger the back-end logic and magic link emails every time. I often find myself sending myself a lot of these magic link emails and switching the redirect link (in Xano) between the editor site and my testing site.


Hi, I am also voting for the “Login with auth token” action to use passwortless auth.

@kevinwasie I tried your JS solution, but did not get it to work. I realised that you use “variables” but WeWeb gives me “pluginVariables” at this point. Here is the code anything I am missing?

pluginVariables[/* xanoAuth accessToken */ 'f5856 .... c64e1']['accessToken'] = context.workflow['d56a. ....  27a47'].result['data']['auth'];

window.vm.config.globalProperties.$cookie.setCookie("ww-auth-access-token", context.workflow['d56a. .....  7a47'].result['data']['auth']);

The code runs successful and uses the auth token which I receive from my xano request with magic link.

So even that the code thows no error, the auth token of the current user in the Xano Plugin is not updated. Am I missing something?

Now realised that the user and token gets updated when I reload the page, but only then.

If I am just changing the page with a change page action the accesstoken in the editor is not updated.

@Soenke Did you get it to work?

The variables and cookie are being updated right away with that code. However, this is static, so the system will not sync with your Xano database unless you then tell it to do so.

The reason it is updating when you load the page again is because you are then calling some sort of user request on the Xano database.

If you want to try updating the user right away, after you set those variable, use a Fetch User action. I think this will be what you are looking for.

Let me know if that helps.

@kevinwasie I tried it with a fetch user action after the scripts, but it returns an error as the fetch user action seems not to use the token I received from magic_login.

Here is the workflow.

Hmm. That should be working. After you run the HACK: Update Xano Plugin, check to see that the XanoPlugin AccesssToken was set. Did it get set?

The fetch user will use that AccessToken.

If that is not the problem, then expand the response in the error so we can see what that says.

Unfortunately the accessToken in the Editor Panel is not updated. (Only after page refresh).

Console.log says that pluginVariable stores the accessToken, but it is not updated in the editor panel and also not used by the Xano Plugin…

The Fetch Action returns the typical Xano Response “Unsupported Input” which is returned if the Token is missing in the request.

Bildschirmfoto 2022-08-11 um 17.07.24

Just saw in your first post that in the plugin code the last line is this. Have you added that to the Script and what is the string key there?

wwLib.wwVariable.updateValue(" what comes here ? ", authToken);

Sorry for the delayed reply. Was on vacation …

Can you take a screenshot of your code and paste it here.

The .updateValue is coming from the plugin source files. You do not need that here.

This should be all that you need:

variables[/* xanoAuth accessToken */ 'f58 ... 4e1-accessToken'] = context.workflow['536 ... c8f6'].result['auth_token']

window.vm.config.globalProperties.$cookie.setCookie("ww-auth-access-token", context.workflow['536 ... c8f6'].result['auth_token']);

Hi @kevinwasie I found the bug. :smile:

When adding the accesstoken variable via editor to the script it gives me this:

pluginVariables[/* xanoAuth accessToken */ 'f585. ...  4e1']['accessToken'] 

I saw in your code that you declared it like this:

variables[/* xanoAuth accessToken */ 'f585 ... 64e1-accessToken']

Changed it by hand e voila, it works finally. So good to have this resolved… :wink:

1 Like

Hi @Soenke , im having the same problems with you when Fetch User data. It also doesnt update the Xano auth tokens in the editor.

maybe i missed a step. can you help me on this?

Hi @cbpcanda could you share your code snippet here? I imagine you jumped into the same pitfall as I did.

sure thing. So my first workflow is the api call for logging in user magic_link_token

then after that, i successfullt get the auth_tokens but wont sync with the weweb editor or in theXano Auth plugin.

This is the “hack” posted in this thread.