Should I rely on this future release or
Currently using Node.js + express-session + Vue on Webpack dev server, and the settings aren’t perfect… (I have to customize to my own needs.)
Not sure if I should use localStorage or server-side database to store Auth0 session.
It depends. Do you need the session on the server or on the client? Does your client-side application need to acquire tokens to call an API?
If your backend just serves the client-side application, and the single page application needs to sign in the user and do API calls, then auth0-spa-js would seem like a good option. This architecture is described here: https://auth0.com/docs/architecture-scenarios/spa-api.
An example would be:
- Express backend serves SPA
- (optional) Express backend exposes API endpoints. In said endpoints, a valid token is required to authenticate requests
- SPA performs sign-in flow and acquires tokens to make requests to API endpoints (in Express backend or elsewhere)
The SPA SDK allows to perform sign-in and acquire tokens from single page applications.
In contrast, this new middleware implements sign-in flow from the server-side. The session then exists in the backend.
If you just need the session on the server-side and you are using Express, the new middleware would help. This example is described here: https://auth0.com/docs/architecture-scenarios/web-app-sso
Hope this helps!