Replies: 1 comment 2 replies
-
|
@LouisAmon I'm trying to achieve a similar result. I have a REST API that we use to generate the JWT and I want to use next-auth for the frontend auth logic. Did you ever manage to solve this? |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
I don't quite remember We switched to Svelte a few months ago |
Beta Was this translation helpful? Give feedback.
-
|
Are you using the sk-auth package? |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I'm looking to use Next-Auth merely as a framework for managing authentication routes & cookies in a standardized way.
I have a GraphQL backend which generates the JWT, I just want my frontend to consume that and block certain pages to users with insufficient permissions... ideally via a Middleware.
I noticed that the secret key is a mandatory setting, especially when using the Middleware : that doesn't make sense if you don't generate the JWT (in my case only the GraphQL backend needs to know the secret key).
If the frontend is merely consuming an API, it doesn't need to be able to decode the JWT : it can merely use a base64 decode to read the data inside to token without having to verify the integrity. The frontend knows where the data comes from since it explicitly queried a certain backend server, which isn't the case the other way around.
I don't know how to manage using Next-Auth without letting it decide how JWT are generated. I'd much rather keep using GraphQL than REST...
Is that at all possible ?
Beta Was this translation helpful? Give feedback.
All reactions