Use personal login page rather than Auth /login standard url

rafael4 · December 22, 2023, 11:19pm

During application setup in auth0 dashboard, auth middleware from 'express-openid-connect library automatic set a /login page in my API.

But i dont want to use this Standard auth0 login page. I want to use my own login page and connect it with Database Authentication - Then, after my login, if mfa is required, i want to be redirected to Auth0 MFA page.

How can i do this?

router.post('/token', limiter, oauth2Validations.validateCreateToken, (req, res) => {
  const authInfo = _.clone(req.body)

  const ip = req.ip
  authInfo.ip = ip.split(',')[0]
  if (!req.oidc.isAuthenticated()) {
    return res.oidc.login({
      authorizationParams: {
        connection: 'Username-Password-Authentication',
      },
    })
  }
  usersApp
    .oauth2PasswordAuth(authInfo, res)
    .then((payload) => {
      res.status(200).json(payload)
    })
    .catch((err) => {
      processError(res, err)
    })
})

I would like to use this route, but when i try to connect with database, i receive a cors error in auth0 /authorize route

spoudel · December 23, 2023, 3:25pm

Allow cross origin authentication in your application dashboard. You would also have to add the allowed web origin.

rafael4 · December 24, 2023, 4:09pm

And it still does not work

spoudel · December 30, 2023, 12:56am

Forgot to mention, you might also need a custom domain, because you’re authorization request actually looks like https://<your_canonical_domain>/oauth/authorize . If you have a custom domain you can deploy your app to the same server to make it look like the request is coming from the same origin.
You would need to maintain Effective Top Level Domain (ETLD) +1 rule to perform a successful cross-origin authorization.
Let me know if you find a workaround.