You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been trying to figure this out for a couple of weeks now. I am working on a Astro project with React (SSR).
We have an existing .NET WebAPI that uses JWT bearer authentication.
POST /api/authenticate
Body: {
username,
password
}
which returns a JWT token. I understand how to use this JWT token to consume our api's resources.
Astro doesn't have a built in authentication but recommended auth.js in their documentation.
Looking at Auth.js, there's a planned provider for Astro.
But I think it would just be a wrapper to use '@auth/core' just like the other existing providers.
I need our project to move forward while waiting for the official auth.js support for Astro.
I could use '@auth/core' and '@auth/core/providers/credentials' since our authentication is just the basic username and password.
Here's what I don't understand with Auth.js Credentials provider.
When you call POST '/auth/signin', why would it redirect to a login page?
Which I though should call the credentials provider authorize method.
So now, in my login form submit, I call the /auth/callback so it executes credentials.authorize.
This works fine until I learned that the authorize method expects a user object in return.
I am not sure if this is the right thing to do this inside my credentials.authorize method?
authorize: async () => {
//call POST /api/authorize to our .NET webapi.
// which would return a JWT token
// call GET /api/user info using the JWT token
// return the user result from GET call.
}
Now my problem is, where should I store the JWT token in Auth.js?
Should I return something like this in my credentials.authorize method?
authorize: async () => {
// ...
return {
id: user.id
token: jwtToken I get from .NET webapi
}
}
Am I right to choose Auth.JS credentials provider? Or should I choose a different authentication component for my Astor project.
I chose Auth.JS because it doesn't require a database.
I am on the verge of choosing a different React SSR capable framework if I can't make Auth.JS work with Astro.
I really like Astro because it's very easy to use compared to others. I didn't expect to meet a road block with authentication.
I would really appreciate if anyone can give me the right direction.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I've been trying to figure this out for a couple of weeks now. I am working on a Astro project with React (SSR).
We have an existing .NET WebAPI that uses JWT bearer authentication.
POST /api/authenticate
Body: {
username,
password
}
which returns a JWT token. I understand how to use this JWT token to consume our api's resources.
Astro doesn't have a built in authentication but recommended auth.js in their documentation.
Looking at Auth.js, there's a planned provider for Astro.
But I think it would just be a wrapper to use '@auth/core' just like the other existing providers.
I need our project to move forward while waiting for the official auth.js support for Astro.
I could use '@auth/core' and '@auth/core/providers/credentials' since our authentication is just the basic username and password.
Here's what I don't understand with Auth.js Credentials provider.
When you call POST '/auth/signin', why would it redirect to a login page?
Which I though should call the credentials provider authorize method.
It turns out that
/auth/callbackis the one that would execute credentials.authorize method.I learned about this when I check the source code of the unofficial auth.js provider for Astro
https://github.com/nowaythatworked/auth-astro/blob/main/client.ts
So now, in my login form submit, I call the
/auth/callbackso it executes credentials.authorize.This works fine until I learned that the authorize method expects a user object in return.
I am not sure if this is the right thing to do this inside my credentials.authorize method?
Now my problem is, where should I store the JWT token in Auth.js?
Should I return something like this in my credentials.authorize method?
Am I right to choose Auth.JS credentials provider? Or should I choose a different authentication component for my Astor project.
I chose Auth.JS because it doesn't require a database.
I am on the verge of choosing a different React SSR capable framework if I can't make Auth.JS work with Astro.
I really like Astro because it's very easy to use compared to others. I didn't expect to meet a road block with authentication.
I would really appreciate if anyone can give me the right direction.
Beta Was this translation helpful? Give feedback.
All reactions