Looking at documentation, Auth0 really supports and encourages an Auth0 popup dialog or redirects. Frankly, I don’t agree with either of those practices in a production application. There may be some instances where it is fine, but there aren’t too many where I can see that as being fit.
With that said, the documentation still references functions for auth0.database and auth0.oauth for signIn that no longer work, and the documentation needs to be updated. The only apparent workaround that I have found thus far is utilizing auth0.oauth.passwordGrant, but this does not grant direct access to the user’s info.
The way in which I wish to have this implemented is that the user visits the front end. From there, they are able to log in. On form submit, the username and password is sent my API which handles the request to Auth0 using passwordGrant. Then, the access token and user’s profile is sent back to the user where they are stored for usage in the app. However, using passwordGrant does not provide the user profile, and requires an additional API call to be invoked in order to obtain that information. The following is what I have. Is there a simpler way?
const user = {
realm: "Username-Password-Authentication",
username: "username",
password: "password"
}
auth0.oauth.passwordGrant(user)
.then(data => {
auth0.users.getInfo(data.access_token)
.then(userData => {
res.send({ dauserDataa });
})
.catch(err => {
res.send({ err });
});
})
.catch(err => res.send({ err }));