itslekan
itslekan•3w ago

Unconventional Authentication Implementation

I have an interesting client and one of his specifications is that he wants to keep users of the platform completely anonymous, but we still need a way to identify them, but without knowing their personal details. So he wants to use phone numbers to authenticate them and they encrypt the phone number in the database I don't really know how to go about implementing this with convex. The 2 ideas I have are: 1. To use the Lucia implementation to create a custom auth flow - but lucia is deprecated so I have to find the equivalent. 2. To use the anonymous sign in option in convex auth and tweek the CAPTCHA verification to instead use phone verification - but that's a stretch This is as far as I've gotten so if anyone could point me in the right direction that would be helpful. Thank you
9 Replies
Convex Bot
Convex Bot•3w ago
Thanks for posting in <#1088161997662724167>. Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets. - Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.) - Use search.convex.dev to search Docs, Stack, and Discord all at once. - Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI. - Avoid tagging staff unless specifically instructed. Thank you!
Achilleas
Achilleas•3w ago
Wouldn't it be possible to have normal auth (e.g Twilio), and then have a job scheduled a few seconds after the user is verified to hash/remove their phone number?
itslekan
itslekanOP•3w ago
Normal auth with phone number? But what about when signing in again don't we need the phone number? I'm not quite sure how OTP signin with phone number works but I imagine we'll still need the phone number
Achilleas
Achilleas•3w ago
For login, you hash the phone number again and if it matches with one from the db you send an OTP
itslekan
itslekanOP•3w ago
Let me look into it and get back to you
itslekan
itslekanOP•3w ago
I'm using bcrypt to encrypt it, but after looking through the source code I realized that I need to alter the compare function 
const existingAccount = await ctx.db
    .query("authAccounts")
    .withIndex("providerAndAccountId", (q) =>
      q.eq("provider", provider.id).eq("providerAccountId", account.id),
    )
    .unique();
const existingAccount = await ctx.db
    .query("authAccounts")
    .withIndex("providerAndAccountId", (q) =>
      q.eq("provider", provider.id).eq("providerAccountId", account.id),
    )
    .unique();
this is the current comparing function from: https://github.com/get-convex/convex-auth/blob/main/src/server/implementation/mutations/createAccountFromCredentials.ts GitHub convex-auth/src/server/implementation/mutations/createAccountFromCr... Library for built-in auth. Contribute to get-convex/convex-auth development by creating an account on GitHub. so my plan was to basically copy over the phone verification implementation to my backend Everything was going fine until the function "callCreateAccountFromCredentials" I think it's using a custom runMutation function here 
export const callCreateAccountFromCredentials = async (
  ctx: ActionCtx,
  args: Infer<typeof createAccountFromCredentialsArgs>,
): Promise<ReturnType> => {
  return ctx.runMutation("auth:store" as any, {
    args: {
      type: "createAccountFromCredentials",
      ...args,
    },
  });
};
export const callCreateAccountFromCredentials = async (
  ctx: ActionCtx,
  args: Infer<typeof createAccountFromCredentialsArgs>,
): Promise<ReturnType> => {
  return ctx.runMutation("auth:store" as any, {
    args: {
      type: "createAccountFromCredentials",
      ...args,
    },
  });
};
the runMutation is passing in "auth:store" so I can't change it to my own edited version of the createAccountFromCredentialsImpl I've tried everything I can think of Please if anyone could help that would be great. I've been on this for 2 days now
GitHub
convex-auth/src/server/implementation/mutations/createAccountFromCr...
Library for built-in auth. Contribute to get-convex/convex-auth development by creating an account on GitHub.
erquhart
erquhart•3w ago
You can customize account creation: https://labs.convex.dev/auth/advanced#controlling-user-creation-and-account-linking-behavior
Advanced: Details - Convex Auth
Authentication library for your Convex backend
erquhart
erquhart•3w ago
I don't know if this gets you all the way there, though. You can also just fork convex-auth if you want more control. I'm running a fork in production and it works great.
itslekan
itslekanOP•2w ago
ur next level🙌 I'll check it out

Did you find this page helpful?