I am trying to build a little MVP but I can’t see a clear path yet on how to approach that with using Auth0.
- frontend (NextJS)
- seperated backend (Express, Prisma)
Current mental model
I don’t want to build the login/logout/forgot your email jazz by myself so I looked for something like Auth0. Usually when you build such things yourself you use email/password, JWTs and keep a User entity/model in your backend. That user often then has relations/associations to other entities/models. A User (or author) for example can have multiple books.
Now when I use Auth0 I don’t have that extensive User stuff anymore. Auth0 takes care of that. However I still need to somehow keep track of my users and have them identifiable (authenticated) in my backend, so I still need to have a simplified User entity/model in my backend am I right in that assumption? If so, how are you doing this: What fields does your User have and what data do you use to identify them in your backend? Do I then have to use Auth0 in my NextJS frontend aswell as in the backend to authenticate them? Do I need a webhook that creates a User with the uniquely identifying fields in my backend whenever a User signs up through Auth0, is that the right approach?
Usually for example when a User deleted a book of his he sent a POST to my backend, I decrypt their JWT, check whether its really them and allow that deletion. What do I send if I use Auth0 for that?
Any help and explanation would be greatly appreciated.
Thanks in advance