If I’m not implementing a total mess, I might have found a solution…
First of all, this helped me a lot:
I had axios, and on top of that useApi custom hooks as react-query implementations. Under the useApi I could use my custom useAuthToken hook which gets the token. But, there, if the user is not logged in, I set it to an empty string (in catch error) and do not send a bearer token through axios.
On the server side, to not duplicate every route, I cannot use protected routes and cannot use the auth0.middleware in examples directly. I think I need to implement special code to get the logged in status and decide the database queries checking that status. I wonder if I can also use the scopes in here, such as read:public, read:moderator etc…
Any insight is very much welcome.