Destroy session Auth0 through back express

Hello!!! Following this Example Express + Vue js

I’m trying to implement in my back end a service that redirects the user to a default page if the user is invalid (email) or if the user is blocked, so in my back end I added this function:

export const saveSession = async (req, res, next) => {
  try {
    const { email, username } = req.body;
    const UserUnauthorized = await authenticationService.validateUser(email);

    // check if user is blocked
    // if UserUnauthorized == true, the user is blocked
    // if UserUnauthorized == null, the user cannot access the system
    if (UserUnauthorized || UserUnauthorized === null) {
      req.logout();
      res.redirect(`https://${env.AUTH0_DOMAIN}/v2/logout?returnTo=${env.CLIENT_ORIGIN_URL}`);
    } else {
      // if not blocked, then save session
      req.session.user = { username, email };
      res.status(200).send("Data Saved");
    }
  } catch (error) {
    next(error);
  }
};

Currently it doesn’t work, so I would like your help. How can I destroy the Auth0 session and redirect to a default page?

Hi @Gerarca,

From the example you shared, the user wouldn’t be ‘logged in’ in the backend server. This API is simply authenticating tokens and returning errors/resources to the front end.

You could return an error and handle it/logout in the front end.

Otherwise, look into OIDC Back-Channel Logout.

Thanks @dan.woda, it just raised a doubt in me.

I quote
This API is simply authenticating tokens and returning errors/resources to the front end.

I’m trying to implement Auth0. I’m creating a decoupled system, I mean, I have my back end (Express js) running on localhost:3000 and the front end (Vue js) running on localhost:4040, so I just want to use the login of Auth0 and check if the email exists in my database.

Is it possible with Auth0?

Regards!

You can extract the user’s email from the token and check if they exist.
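
An added example, not code from the original thread or from Auth0: an Express-style middleware that reads the email from the already-verified token instead of `req.body`, and answers 401/403 so the front end can handle the error and log the user out. It assumes an upstream JWT middleware has set `req.auth.payload` (as express-oauth2-jwt-bearer does) and that the email was added to the token as a custom claim; the claim name, `requireKnownUser`, `check` and the sample users are hypothetical.

```javascript
// Assumption: the token is already verified upstream and its claims are in
// req.auth.payload. The email claim name below is a hypothetical custom claim.
const EMAIL_CLAIM = "https://example.com/email";

// Constructed sample data standing in for the application database.
const users = new Map([
  ["alice@example.com", { blocked: false }],
  ["bob@example.com", { blocked: true }],
]);

// Hypothetical lookup with the same contract as validateUser() in the question:
// null = unknown user, true = blocked, false = allowed.
async function validateUser(email) {
  const user = users.get(email);
  return user ? user.blocked : null;
}

function requireKnownUser(lookup = validateUser) {
  return async (req, res, next) => {
    try {
      // Never take the identity from req.body: the caller controls it.
      const payload = req.auth && req.auth.payload;
      const claim = payload && payload[EMAIL_CLAIM];
      if (typeof claim !== "string" || claim === "") {
        return res.status(401).json({ error: "email_claim_missing" });
      }
      const email = claim.toLowerCase();
      const blocked = await lookup(email);
      if (blocked === null) return res.status(403).json({ error: "user_unknown" });
      if (blocked) return res.status(403).json({ error: "user_blocked" });
      req.user = { email };
      return next();
    } catch (err) {
      return next(err);
    }
  };
}

// Runs the middleware against a stub response, so no Express install is needed.
async function check(payload) {
  const res = {
    statusCode: 200, body: null,
    status(code) { this.statusCode = code; return this; },
    json(body) { this.body = body; return this; },
  };
  let passed = false;
  await requireKnownUser()({ auth: payload && { payload } }, res, () => { passed = true; });
  return { passed, status: res.statusCode, error: res.body && res.body.error };
}
```

In a real app the middleware would be mounted after the token-validation middleware, and the front end would treat the 403 as its signal to log the user out.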

thanks @dan.woda !!!


Let us know if you have any questions.
