I have already implemented authentication in a React front end but now I wanna make sure that the api routes are protected so that when a user logs into the Single Page App, he gets a bearer token that lets him query only his data.
I imagine I have to
1- get the bearer token from React (not sure how since the react-auth0-wrapper.js does not seem to have it…
2- create an API in auth0 dashboard, then import the jsonwebtoken npm library in my serverless functions. (?)
I saw that most of the tutorials you have cover ExpressJS in a server environment, so not sure how to approach this with nodeJS serverless functions.
1- I was able to get the jwt token from react-auth0-wrapper.js ! I will send that to the API as a bearer token.
So now I need to implement the serverless API that can parse and verify the token. Any suggestion with that one in a NodeJS but no express environment?
Pretty disappointed by the lack of community help. Not sure why this topic is being ignored and why auth0 has no support staff available to help us.
At the end I parsed and succesfully verified the token with jsonwebtoken.
So I solved my problem of authorizing a request from frontend to API, now I know how to check for unauthenticated request.
Additionally I wanted to ask what are the more appropriate things to do with the verified token content. Should I use the user ID auth0|6j9rfd823... with the Auth0 API to fetch more data about the user?
oh wow guys! Just saw this now, fuuu I should have written a guide for real! sorryy!! ahah! I’m super crazy busy this period but I see if I can do something ok?