Is login via auth0 possible without reloading my SPA?

heike · 2018-12-08 15:10:45 UTC

I am using a call to

this.auth0.authorize();

to let my users log in if they need to (some don’t, since they are only reading public stuff, but not writing).

So far a successful login always leads to a complete reload of my SPA since the redirectUri is called, which I set to the same Url which my SPA has. Is there a way to avoid the reload and just get the information that the user has logged in (including access and id tokens)? The logout works without re-load at least.

This is my auth0 definition (x* = redacted):

  auth0 = new auth0.WebAuth({
    clientID: 'Qxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx2',
    domain: 'xxxxxx.auth0.com',
    responseType: 'token id_token',
    redirectUri: 'https://www.xxxxxx.de/home',
    scope: 'openid email profile',
    prompt: "login" // enforces window
  });

nicolas_sabena · 2018-12-08 20:31:04 UTC

Try the popup alternative: https://auth0.com/docs/libraries/auth0js/v9#webauth-popup-authorize-

heike · 2018-12-08 23:30:32 UTC

With popup.authorize() a popup appears and after login my SPA is shown again within this pop-up. Ideally I would like the pop-up to disappear after login so that the user (now logged in) can continue to work with the SPA without reloading.

charsleysa · 2018-12-08 23:49:18 UTC

Hi @heike

With the popup showing again after login it sounds like you could be missing a check to see if they are logged in before calling the popup.authorize() method again.

Before calling the popup code you should double check that your code is checking any stored tokens to see if they are logged in (and optionally performing a checkSession() call to see if Auth0 still holds a valid SSO session for the user, this will allow the user to be logged in again without the popup showing).

Hope this helps!