We have a react application served via NodeJS. The site itself cannot be downloaded before logging in, so NodeJS redirects the user to Auth0 using passport/auth0. When the user is logged in, our NodeJS server sets a cookie that can be accessed via the react application.
I want to allow the react app to stay logged in as long as the browser tab is open, since it powers a dashboard that will remain active on displays for days at a time. I discovered that Auth0’s javascript package auth0-js has a checkSession method. However, this function fails saying that the user needs to log in. I assume this is because it doesn’t know about the server already logging in the user.
Since we already have an id_token in JWT form, is it possible to preload that id_token into the webauth object so the user doesn’t have to log in twice?