We are currently using Auth0.js v9 Reference (which is marked as outdated) so we are attempting to upgrade to V8.
Currently our login process involves the user logging in via the browser with username and password authentication like so:
var auth0 = new Auth0({
domain: 'SOME DOMAIN',
clientID: 'SOME ID',
callbackURL: 'ourwebsite.com/callback',
callbackOnLocationHash: false
});
var loginOpts = {
connection: 'MY_DB',
username: $('#username').val().toLowerCase(),
password: $('#password').val()
}
auth0.login(loginOpts)
When this login completes auth0 redirects the user to our /callback endpoint which is an express server using the auth0 passport strategy: GitHub - auth0/passport-auth0: Auth0 authentication strategy for Passport.js.
However in V8 the only login process that allows username and password authentication WITH redirection is webAuth.redirect.loginWithCredentials() which is marked as deprecated.
webAuth.client.login() successfully logs the user-in but does not redirect to our endpoint, instead it calls a callback method containing the user object inside a JWT token. webAuth.client.login() also passes back an accessToken in the callback; I have tried to manually redirect the user to /callback?code={accessTokenFromCallback} but I receive an error from passport that the token is invalid.
What would be my best option going forward keeping in mind that the most ideal solution from my perspective would be to not have to change the /callback endpoint which uses passport.
Thanks!