Handle new user from Okta Sign-In Page in Node.js


I’m trying to integrate my application with Okta, by using Okta Sign-In Page on Node.js with oidc-middleware. However, I have encountered a problem probably due to the way oidc-middleware handles session and I’m stuck.

What I’m trying to do is, I used connect-session-sequelize and I added a userId field on my session, taken from data.passport.user.sub (as shown here https://github.com/mweibel/connect-session-sequelize#add-custom-fields-as-a-column). And then I enforced FK constraint on userId to existing User table, so that every session belongs to a user, to ensure consistency.

But then, when a new user (not on User table) is authenticated through oidc-middleware, oidc-middleware tries to create a new session for the user. Express-session then asks the session store to save the session. The session store, connect-session-sequelize, adds the userId field to the model, and then ask sequelize ORM to save it to DB. But the DB transaction failed, of course, because the FK constraint is not satisfied, a user must be created first.

The real problem is, I cannot find a place in this chain, that I can add a step - create a new user in DB. To get user info, my code will rely on the session info, as oidc-middleware is designed this way. But the session info will never be there unless my code creates the user first.

Of course, one solution would be to remove the FK constraint from Session table, but the downside is also obvious, we lose the benefit of consistency check provided by FK constraint. And I would like to know if there are other options.