Hello
I would like to authenticate and authorize users using auth0.
I’m a little lost, any pointers would be appreciated.
My app is using Next JS for the client/frontend and GraphQL (typescript / type-graphql) for the server/backend.
I see the flow as follows.
- User logs in to the application successfully
- A JWT is attached/exposed to the request object
- I can pass/expose `req.headers.authorization` on `context` on GraphQL.
- Handle the `req` object on `type-graphql` with custom decorators.
- Validate if user is “authorized” to access resolver

- One of the questions I have is how to handle authentication on a SSG/SSRS hybrid scenario? (since static generation happens on the client I will not have access to the `req` object.)
- Does the library `auth0/nextjs-auth0` use `jsonwebtokens` and attach the decoded user on the req object (if login succeeds)?
- Do I need additional middleware in order to use JWT?
- Should I validate JWT for authorization using a JWKS? (on resolvers)

Thanks!