We use auth0 for login to our production saas app, located on app . example . com
We have a marketing website at example . com which was built on Webflow.
I’m wondering if there is any best practice or light front end JS SDK we can use to check whether the user is currently logged in, and get just a true/false binary answer? The reason for this is wanting to hide the “log in” link in our nav and instead show a link to “my account” etc.
Hoping someone can share a best practice for this - any way to do this besides manually tracking state in a cookie tied to top level domain?
I would have two suggestions regarding this matter:
Use checkSession() in a hidden iFrame pointing to your domain in order to check for an active SSO session. This might be an issue since it is basically checking for a third party cookie which might be blocked by the browser or other possible CORS policies. However, if you have a custom domain, set up, the root will be shared across the domains and the cookies will be considered first party.
Set a non-sensitive cookie after the user logs in on the root domain. You will need to clear this cookie on logout. I would recommend this approach over the first one if you are not using a custom domain.
document.cookie = "isLoggedIn=true; domain=.example.com; path=/; Secure; SameSite=Lax";
//Once you have set this cookie, you can do a simple check like this:
<script>
document.addEventListener("DOMContentLoaded", function() {
const isLoggedIn = document.cookie.includes("is_logged_in=true");
//Add the required logic for your application here
});
</script>