Hi all,
I am using Directus for user management on my app. I’m building a custom email verification flow. What I’m struggling with is dealing with cases where the user account is not active. Ideally I want to catch that and recommend the verification email be resent, etc.
What’s the best way to manage this? Is there not a way to return a better error from /auth/login for inactive accounts? It seems that any account status returns a 401 Invalid Credentials. I assume this is intentional, and perhaps based on a security concern I can’t see, but I’m not sure how else to handle this.
My alternative thinking was to set up a static token and check the user against their email prior to login… how are some of you guys handling this scenario?