I already asked this question myself a lot of times.
When you have your own custom login-page and you want to inform the logging-in users if they are doing something wrong during login-process (for example entering a wrong password or email), how it is possible to differ between this two different wrong entered values?
In both cases you get the following error-message from console-system...
Which tells us, that something has been done wrong during the login-process! OK! But which entry was the wrong one (exactly)?
No matter if ....
-it is a wrong entered password...
-it is a wrong entered email...
-or it is even a non-existing Account....
...always you get just an very imprecise error-message as output.
If (there is a possibility how to define it more precise) {let me know}.
else if (there isn't any possibility) {
setTimeOut(()=>{wix/velo has a new sheduled-task},as soon as possible);
}
else {more of my followers will storm the fortress 😜}
Thanks 😉😁
BTW: Is there an API-DOC where all the error-Codes can be found?
Sorry for all the detailed investigations 🙄🙄🙄
Edit: And i was happy to see, that there was a more specific error-handler for blocked user 🙉...
Already a little bit happy about this progress! 🍻🍻🍻
More work can be found here....
It's a dangerous world out there. Why would you want to help a hacker figure out how to work out the login credentials? If a legitimate user is trying to login, then they should have their information saved somewhere (password program or a stick-it note on their screen) and can easily fix the error. A hacker on the other hand shouldn't be given any assistance.
The solution was all the time in front of my nose, damn 🤣!
And also all the needed DATA is already prepared to solve this issue.
Somewhere in my code i already query all contacts --> a third database is not neccessary.
Ok, good checkpoint!!!
This could work.
My aim was not to generate an own (third) databease for members (if you followed all of my posts you probably have seen it already).
But anyway --> your suggestion is the key! Well done!
I even do not need a third database.
Now i know what to do and how to solve it.
It will even solve both of my issues.
Thanks for the right idea!
What if you store all of the data when a user signs up in its own "verification" database and then when a user tries to login you can query that database to see if the entry exists. If there is not matching result you can show the text with the correct error?
What if, you get the error message that the email or password is invalid. Can you take the info from Wixusers, to get the email the user used to try and login. with? Can you use that email to do a query on the Users/Contacts collecton and see if the email exists? I am not uptospeed on how Wix authenticates logins and what it puts into its WixUser object. I don't know if it tracks the users email in the User object, even if the user is not logged in. I haven't read through the WixUsers API, or tested it, since I haven't used it yet. The websites I've been working with are public facing and don't authenticate the user.
Does the errorCode change if you enter in a wrong email vs wrong password. I wonder if that is the clue you could use.
If it is the wrong email, that infers that it is non Existent (in the collection) that is being used to test the login. Since there is no real way to test if the email is invalid, without trying to send a physical email to the email address and waiting for a response from the incoming mail server. In fact some email servers (that I've configured), I silently drop emails that have invalid incoming addresses. I don't want hackers, trying to repeatedly send emails and get a response that the email address is invalid, to try and guess valid emails.