#Resend, Email verification/login not working?

# Enter email in form and submit
[verbose] 2024-10-29T22:57:48.222Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/api/auth
[verbose] 2024-10-29T22:57:48.222Z [ConvexAuthNextjs] Proxying auth action to Convex, path matches /api/auth with or without trailing slash
[verbose] 2024-10-29T22:57:48.223Z [ConvexAuthNextjs] Fetching action auth:signIn with args {"provider":"resend","params":{"email":"[email protected]"}}
%c[CONVEX A(auth:signIn)] [LOG] color:rgb(0, 145, 255) 'sendVerificationRequest: sendto:email' '[email protected]'
%c[CONVEX A(auth:signIn)] [LOG] color:rgb(0, 145, 255) 'sendVerificationRequest: emailLink' 'http://localhost:3000/auth/verify-email?token=3FPpS0puAq719UfAABQZhGOKMeIQ5d1V'

# click on link in email
[verbose] 2024-10-29T22:58:20.339Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/auth/verify-email?token=3FPpS0puAq719UfAABQZhGOKMeIQ5d1V
[verbose] 2024-10-29T22:58:20.339Z [ConvexAuthNextjs] Not proxying auth action to Convex, path /auth/verify-email does not match /api/auth
[verbose] 2024-10-29T22:58:20.339Z [ConvexAuthNextjs] Begin handleAuthenticationInRequest
[verbose] 2024-10-29T22:58:20.340Z [ConvexAuthNextjs] No tokens to refresh, returning undefined
[verbose] 2024-10-29T22:58:20.340Z [ConvexAuthNextjs] Calling custom handler
[verbose] 2024-10-29T22:58:20.369Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/login?token=3FPpS0puAq719UfAABQZhGOKMeIQ5d1V
[verbose] 2024-10-29T22:58:20.369Z [ConvexAuthNextjs] Not proxying auth action to Convex, path /login does not match /api/auth
[verbose] 2024-10-29T22:58:20.369Z [ConvexAuthNextjs] Begin handleAuthenticationInRequest
[verbose] 2024-10-29T22:58:20.370Z [ConvexAuthNextjs] No tokens to refresh, returning undefined
[verbose] 2024-10-29T22:58:20.370Z [ConvexAuthNextjs] Calling custom handler
layout: {"key":null,"ref":null,"props":{"parallelRouterKey":"children","segmentPath":["children","(auth)","children"],"template":{"key":null,"ref":null,"props":{"children":{"key":null,"ref":null,"props":{},"_owner":null,"_store":{}}},"_owner":null,"_store":{}},"notFound":{"key":null,"ref":null,"props":{},"_owner":null,"_store":{}},"notFoundStyles":[],"styles":null},"_owner":null,"_store":{}}
 GET /login?token=3FPpS0puAq719UfAABQZhGOKMeIQ5d1V 200 in 125ms
 GET /manifest.webmanifest 200 in 39ms

Everythign seems to be working but after i click the link in the email it opens the site/app in a browser on the login page but you not logged in.

• it did create the user and user features records.
• authAccounts has record, authVerificationCodes has record

What am I missing and why was the afterUserCreatedOrUpdated() callback function not called?

This is either undocumented or poorly documented, but I believe the query parameter needs to be code as opposed to token

https://github.com/get-convex/convex-auth/blob/10d5fd225b9b3898dd81d6271d5b926b85bda9c8/src/nextjs/server/request.ts#L29
is what would exchange that code for valid auth

So concretely changing

const link = `${getHost()}/auth/verify-email?token=${token}`;

to

const link = `${getHost()}/auth/verify-email?code=${token}`;

might get things working

makes sense. that code is from https://labs.convex.dev/auth/config/email but could be wrong. let me give it a shot.

with your change:

[verbose] 2024-10-30T00:12:11.157Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/api/auth
[verbose] 2024-10-30T00:12:11.157Z [ConvexAuthNextjs] Proxying auth action to Convex, path matches /api/auth with or without trailing slash
[verbose] 2024-10-30T00:12:11.159Z [ConvexAuthNextjs] Fetching action auth:signIn with args {"provider":"resend","params":{"email":"[email protected]"}}
%c[CONVEX A(auth:signIn)] [LOG] color:rgb(0, 145, 255) 'sendVerificationRequest: sendto:email' '[email protected]'
%c[CONVEX A(auth:signIn)] [LOG] color:rgb(0, 145, 255) 'sendVerificationRequest: emailLink' 'http://localhost:3000/auth/verify-email?code=II5SEqJOk4QeMlqgFTvXdRoaVJsbj0t1'
[verbose] 2024-10-30T00:12:22.480Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/auth/verify-email?code=II5SEqJOk4QeMlqgFTvXdRoaVJsbj0t1
[verbose] 2024-10-30T00:12:22.481Z [ConvexAuthNextjs] Not proxying auth action to Convex, path /auth/verify-email does not match /api/auth
[verbose] 2024-10-30T00:12:22.481Z [ConvexAuthNextjs] Begin handleAuthenticationInRequest
[verbose] 2024-10-30T00:12:22.481Z [ConvexAuthNextjs] No tokens to refresh, returning undefined
[verbose] 2024-10-30T00:12:22.481Z [ConvexAuthNextjs] Handling code exchange for OAuth or magic link
[Error: [Request ID: d2ad6c3247f15a4e] Server Error
Uncaught Error: Uncaught Error: Token verification requires an `email` in params of `signIn`.
    at authorize [as authorize] (../../node_modules/@convex-dev/auth/dist/providers/Email.js:39:12)
    at verifyCodeOnly (../../node_modules/@convex-dev/auth/dist/server/implementation/mutations/verifyCodeAndSignIn.js:98:4)
    at async verifyCodeAndSignInImpl (../../node_modules/@convex-dev/auth/dist/server/implementation/mutations/verifyCodeAndSignIn.js:29:25)

    at async signInImpl (../../node_modules/@convex-dev/auth/dist/server/implementation/signIn.js:14:25)
    at async handler (../../node_modules/@convex-dev/auth/dist/server/implementation/index.js:249:20)
]
[verbose] 2024-10-30T00:12:23.153Z [ConvexAuthNextjs] Error validating code, redirecting to http://localhost:3000/auth/verify-email and clearing auth cookies
[verbose] 2024-10-30T00:12:23.154Z [ConvexAuthNextjs] Redirecting to http://localhost:3000/auth/verify-email
[verbose] 2024-10-30T00:12:23.173Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/auth/verify-email
[verbose] 2024-10-30T00:12:23.173Z [ConvexAuthNextjs] Not proxying auth action to Convex, path /auth/verify-email does not match /api/auth
[verbose] 2024-10-30T00:12:23.173Z [ConvexAuthNextjs] Begin handleAuthenticationInRequest
[verbose] 2024-10-30T00:12:23.173Z [ConvexAuthNextjs] No tokens to refresh, returning undefined
[verbose] 2024-10-30T00:12:23.174Z [ConvexAuthNextjs] Calling custom handler
[verbose] 2024-10-30T00:12:23.188Z [ConvexAuthNextjs] Begin middleware for request with URL http://localhost:3000/login
[verbose] 2024-10-30T00:12:23.188Z [ConvexAuthNextjs] Not proxying auth action to Convex, path /login does not match /api/auth
[verbose] 2024-10-30T00:12:23.188Z [ConvexAuthNextjs] Begin handleAuthenticationInRequest
[verbose] 2024-10-30T00:12:23.189Z [ConvexAuthNextjs] No tokens to refresh, returning undefined
[verbose] 2024-10-30T00:12:23.189Z [ConvexAuthNextjs] Calling custom handler
 GET /login 200 in 78ms
 GET /manifest.webmanifest 200 in 32ms```

added email param (for the hell of it). I don't think thats it. Seems token was working but i need to switch to verification (type?). Im not sure, the documentation is not very good on that.

I think one of the devs need to revist this and make sure it works and is documented correctly.
args.type is one of "oauth" | "email" | "phone" | "credentials" | "verification"

yet you can see in my logs create email & user:
-> Oct 29, 19:15:42 M auth:store info 'auth:store type: createVerificationCode'
and link clicked:
-> Oct 29, 19:15:54 M auth:store info 'auth:store type: verifyCodeAndSignIn'

Those types don't match up. So im at a loss as to how to handle the flow.

maybe somehow detect that its a "clicked email link" and add use (in link the code from this table), and test it against the code and update db and redirect?

Ok yeah our docs + examples here are not very clear. I believe the way the Email provider in Convex Auth is written only works with OTPs (does not work with magic links), and expects to be called by something like a form submit where you can provide the email + the code in the signIn call.

For magic links, I believe you want to use Resend out of @auth/core/providers/resend potentially overriding the sendVerificationRequest option to send a custom email. I believe the URL for the magic link will always use the query param code and use the URL specified in the redirectTo param of the signIn call that creates the code. Convex Auth will automatically inter

Stay tuned for some better docs + examples here, but happy to keep talking here to try and unblock you and get this working

Yeah, i really need to figure it out as it has me blocked. i Have been converting this from a working clerk to convex. I am not planning on using OAuth at this time, i just need Email/password, Magic Link (email, cick to verify then set password and phone verification would be nice. I already have Resend configured and running. I also know that Email+Password does work, but was not verifying email.

So i guess I need to Jerry Rig something for now so i can push this for QA and then deploy so I can turn off clerk and move on to the other features/changes.
Should i just create my own separate verification code/components for now? Do you have any idea why the afterUserCreatedOrUpdated(ctx, args) is not being called?

chiming in here, i think afterUserCreatedOrUpdated is called by the default user creation

it looks like you're providing your own createOrUpdateUser which means you'll need to call afterUserCreatedOrUpdated in your custom code

it also looks like you can override the email requirement for magic links:

https://labs.convex.dev/auth/api_reference/providers/Email

How did you end up solving this issue? If you don't mind, please share. Thanks!

It's still unsolved. Responded to issue on github but no responses. So, it's still not working, I left it and moved on with other parts of the app.

@silent nymph - so, I tried rather hard to refactor a running application to use convex-auth to no avail. Was on this process for almost a week. Decided to run the template-nextjs-convexauth-shadcn repo and that worked. I am now porting my app into that app...it's a bit of a drag but, thus far, it's the only way I am able to move forward.