Securing NodeJS Backend as well as my React-Frontend (using Auth0-Lock)?

I’m not familiar with it. It looks like it’s built on auth0.js, which is our older sdk. We have sample apps for gatsby that use our newer react-specific SDK. Check this out: