Hi,
I’ve set up a website that uses lock.js to authenticate with auth0 on a login page.
If the user logins in successfully, it sends them to a index.php page.
The page calls the auth0 sdk and checks if a $userInfo exists.
use Auth0\SDK\Auth0;
$auth0 = new Auth0($auth0Config);
try {
$userInfo = $auth0->getUser();
if(isset($userInfo['error'])) {
throw new Exception();
}
} catch (Exception $e) {
session_destroy();
header("Location: " . APP_PATH);
exit();
}
Is this acceptable method of authenticating, should I even be combining lock with the php-sdk?
Thanks