Token Based Auth

[amirhemm]

Is there a way that we can use token based auth with library? I love the way you have used the new API routes in next js 9!

[hoangvvo]

Hi @amirhemm, which library are you refering too? Or is this that you are trying to implement your own token base auth? By token base, do you mean sending a token via Header?

[amirhemm]

Hi @hoangvvo, for example if you want to setup Jsonwebtoken library and maybe pass the token inside of the header or inside of the cookie. Or maybe use a third party authentication service like auth0.

[hoangvvo]

@amirhemm Yes, that is certainly possible. However, the way this project set up is to use session Id. If I'm free this weekend, I will try to cook something up. Feel free to ping me in this issue this weekend if I forget.

However, a hint is to look into https://github.com/hoangvvo/nextjs-mongodb-app/blob/master/middlewares/withAuthentication.js That is our whole authentication logic. We are reading a value from session (req.session.userId). Simply do something like req.headers.authorization or .token

[hoangvvo]

This is easy to implement with the latest version with passport.

Check out /lib/passport.js. You will need to plug in passport-http-bearer

In the middleware, you want something like:

middleware.use(passport.authenticate('bearer', { session: false }))

Feel free to ask me to reopen this if you have any trouble