Forum Academy Marketplace Showcase Pricing Features

Restrict user login depending on user status

I have user privacy rules enabled and also have a status field that reflects whether the user is “Enabeled” or “Disabled”.

I can’t seem to find a way to restrict a “Disabled” user from logging into the system. I would want to do a check and see if the user logging in is disabled and then not allow them to actually log in.

What I am trying to avoid is having them log in, in order for me to do the User status check and then having to force them back out.

Thank you

In your workflow, have a step before the “log the user in” step to show an alert or popup. Add an only-when condition that searches for the user (Based on the email provided) and if the status field = disabled.

Would that work?

T
Learn no code → nocodify.com

Thank you for your suggestion.
I have attempted it but it seems that I can’t test if the user is disabled before logging in.
Do you have an example?

Hey, @openhousevisitors! To add to @Nocodify’s suggest, here’s how I would set it up…

On your login page, on the same workflow that logs the user in, you’ll want to set the “Only when” on that “Log the user in” action to “Current User’s Disabled = No”. This will block the user from logging in.

Then you can set up other actions like an alert letting them know it’s disabled using the same “Only when” expression.

Let me know if that makes sense!

Hi @openhousevisitors ,

You can archive this checking of user status with backend workflow & Api Connector plugin.

  1. Create new api token for your bubble app.

  2. Create new backend api with params email .
    Check the user email with status here and return data like valid/not valid with some param like status.

  3. Create new Api Connector to access above created workflow api URL with Api token(pass the values)


    Click the initialize call, you will get the data like below,

  4. Use this api and pass data values when user click the login button. it will pass the values and check the backendworkflow. Finally you will get return data from api. If it is invalid show error as your wish. otherwise allow your login action to proceed further.

If return from api is “No” then show error message and terminate the workflow, otherwise allow to login the user.
Note : This method can work if you are applied privacy rules.

1 Like

Thank you I will try it out and advise

Thank you so much for the screen shots. I will try it out and see if I can make it work and revert back.

Unfortunately I can’t seem to be able to search and get any results showing the status of the user prior to login. Can you share an example if you have one?

If you have paid plan for your bubble app then, it will works, Because free plan have some limitations.

I have done this same to my client with paid app, still its working. Just I sent PM to you, Can you please check your inbox

mani2726 - I was only able to make it work in ‘development’.
I noticed that the API URL was pointing to /version-test/.
I was hoping that by adding another call to the API and pointing it to the “Live” URL, would allow me to also get it to work in live. Unfortunately it did not work. How can I have it work both in development and live?

Hi @openhousevisitors ,

Use params as [] and pass value based on the version like below
image

@openhousevisitors :wave:

I believe this way would be the safer way to do it. Restrict user login depending on user status - #5 by mani2726 :raised_hands:

I would recommend trying out @mani2726 solution. :fist_right::boom::fist_left:

Searching for a user by their email in a workflow step would require you to expose their email publicly which would be pretty unsafe I think. Someone can correct me if I’m wrong. Unless someone knows of a way around that. :man_shrugging:t2:

This video would show you why this wouldn’t be safe: How to Hack Your Own Site 😱

Hope that helps! :blush:

@j805 www.NoCodeMinute.com

For All Your No-Code Education Needs:

Hi,
This workflow run with Api token. And it works if you applied privacy rules on User table.

This api token was not visible when you call from the api connector. if somebody made any mistaken when configure the api with workflow, it can be possible.

Api token is major thing on your application. If you share this api token to anyone this only major availablity of hack your bubble app.

But, I’m welcome to get more suggestions/drawback about this method from other bubble developers.

1 Like

I think it’s a great method. :raised_hands:

You are running it on the backend workflow too. So it seems safe to me the way you have it set up. :blush:

I would be curious to see if anyone else has any feedback.

Great thanks :slight_smile: Hope will get more feedbacks from other bubble backend developers.

1 Like

Thank you mani2726