I have a Node.js (Express) backend where Auth0 will be handled (login, callback, etc.).
I implemented Auth0 using passport.js in the backend and was able to get the JWT token etc. from the `passport.authentication` method.
In the `passport.authenticate` method I use the following code:
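```javascript
function authenticationCallback(req, res, next) {
  // `info` defaults to {} because passport calls back with only `err` on failure;
  // destructuring an undefined third argument would throw before `err` is checked.
  passport.authenticate("auth0", function (err, user, { jwt, refreshToken } = {}) {
    if (err) {
      logger.error(err);
      return next(err);
    }
    if (!user) {
      return res.redirect("/api/auth/login");
    }
    req.logIn(user, function (err) {
      if (err) {
        logger.error(err);
        return next(err);
      }
      // Return to the page the user originally requested, if one was stored.
      const returnTo = req.session.returnTo;
      delete req.session.returnTo;
      res.redirect(returnTo || "/api/auth/check");
    });
  })(req, res, next);
}
```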
But this code just redirects the user to `/api/auth/check`. This is where I want to handle the saving of the user's info to the database. The above code just redirects to the given URL without any of the information of the user (auth0 id etc.). How is this usually handled? Calling the `next()` method will just pass it to the next middleware, just as when there is an error, which I think is not the right way to do it?
In order to detect if the user being authenticated is a new user or not, I want to send a request to a route/controller (`/api/auth/check`) with the info I got back from auth0 to save it in the database. At the same time, redirect the user to the successful authentication page that will return the JWT token to the user's client (react-native for now, but we might have more use cases later such as a react app).
How does this work in auth0? Is the implementation of the backend (re-routing after the callback) a separate flow from the react-native implementation? How do they come together? I can't grasp the flow.
Normally, the way I used to do it with the old backend was to return the JWT token to the WebView and save it in the app and close the WebView, but now this is all handled by auth0.
I hope my use case is clear.
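
One way to handle the database step described in the post, as an added example that is not part of the original post: look up or create the user inside the callback, from the profile passport has already verified, so no user data has to travel through the redirect where a client could alter it. `findOrCreateUser`, `makeAuthHandler`, the `Map` standing in for the database, and `req.session.isNewUser` are hypothetical names; the profile shape (`id`, `emails[0].value`) is assumed to be the one passport-auth0 supplies.

```javascript
// Added example: find-or-create keyed on the Auth0 user id, run before the redirect.
// `db` is a hypothetical stand-in (a Map); swap in real database calls.
function findOrCreateUser(db, profile) {
  const existing = db.get(profile.id);
  if (existing) {
    existing.lastLogin = Date.now();
    return { record: existing, isNew: false };
  }
  const email = profile.emails && profile.emails[0] ? profile.emails[0].value : null;
  const record = { auth0Id: profile.id, email, lastLogin: Date.now() };
  db.set(profile.id, record);
  return { record, isNew: true };
}

// Returns the function to pass as the passport.authenticate("auth0", ...) callback.
function makeAuthHandler(db, req, res, next) {
  return function (err, user, info = {}) { // default guards the err-only call
    if (err) return next(err);
    if (!user) return res.redirect("/api/auth/login");
    let result;
    try {
      result = findOrCreateUser(db, user); // persist from the verified profile
    } catch (dbErr) {
      return next(dbErr); // a storage failure must not end in a logged-in session
    }
    req.logIn(user, function (loginErr) {
      if (loginErr) return next(loginErr);
      req.session.isNewUser = result.isNew; // server-side flag, not a URL parameter
      const returnTo = req.session.returnTo;
      delete req.session.returnTo;
      res.redirect(returnTo || "/api/auth/check");
    });
  };
}

// Constructed demo: the same Auth0 profile logging in twice.
function demo() {
  const db = new Map();
  const profile = { id: "auth0|constructed-123", emails: [{ value: "user@example.com" }] };
  return [1, 2].map(() => {
    const req = { session: {}, logIn: (u, cb) => cb(null) };
    let target = null;
    makeAuthHandler(db, req, { redirect: (u) => { target = u; } }, () => {})(null, profile);
    return { isNew: req.session.isNewUser, target };
  });
}
console.log(demo());
```

The route behind `/api/auth/check` can then read `req.user` and `req.session.isNewUser` from the session instead of receiving user data in the request.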