Restrice automatic signin after signup using convex auth | Convex Community | Page 1

primal kiteBOT May 9, 2025, 6:27 AM

Hi @weary osprey. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

When using Convex Auth with the Password provider, it does automatically sign in users after signup by default. To separate the signup and signin processes, you'll need to customize the authentication flow.

Based on the knowledge sources, there are a couple of approaches you can take:

Option 1: Override the default signIn action

You can override the default signIn action to customize the behavior:

export const { auth, signIn: authSignIn, signOut, store, isAuthenticated } = convexAuth({ 
  providers: [Password] 
})

export const signIn = actionGeneric({
    args: v.any(),
    async handler(ctx, args) {
        try {
            // Check if this is a signup flow and modify behavior
            const formData = args.formData || args;
            if (formData.flow === "signUp") {
                // Handle signup without automatic signin
                // You could return a different redirect or response
                return { redirect: `${process.env.PUBLIC_URL}/signin?message=Please sign in with your new account` }
            }
            
            // Otherwise proceed with normal signin
            return await ctx.runAction(api.auth.authSignIn, args);
        } catch (err) {
            if (err instanceof ConvexError) {
                return { redirect: `${process.env.PUBLIC_URL}/signin?error=${encodeURI(err.data ?? "Convex error")}` }
            }
            return { redirect: `${process.env.PUBLIC_URL}/signin?error=${encodeURI("Something went wrong")}` }
        }
    }
})

This approach was suggested in a Discord support thread where a user wanted to customize error handling for the sign-in process Link to Discord thread.

Option 2: Use ConvexCredentials provider

For complete control over the authentication process, you can use the ConvexCredentials provider instead of the Password provider. This allows you to fully customize the sign-up and sign-in processes:

import { ConvexCredentials } from "@convex-dev/auth/providers/ConvexCredentials";
import { convexAuth } from "@convex-dev/auth/server";

export const { auth, signIn, signOut, store, isAuthenticated } = convexAuth({
  providers: [
    ConvexCredentials({
      // Implement your custom authentication logic here
    })
  ],
});

The documentation mentions that you can "completely customize the sign-in process" by using the ConvexCredentials provider Link to documentation.

For a more detailed implementation, you can look at the Lucia Auth integration example which shows how to implement separate sign-up and sign-in mutations Link to Lucia Auth example.

By implementing your own authentication logic, you can ensure that users need to explicitly sign in after signing up, rather than being automatically logged in.

#Restrice automatic signin after signup using convex auth

Option 1: Override the default signIn action

Option 2: Use ConvexCredentials provider

By implementing your own authentication logic, you can ensure that users need to explicitly sign in after signing up, rather than being automatically logged in.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: