Hey everyone,
I am trying to implement a React SP...
# generalv
victorious-plastic-3087
04/29/2024, 7:56 PMHey everyone,
I am trying to implement a React SPA and a Go backend with ory, could you give me some starting points either in the docs or a tutorial since I am a bit lost with all the documentation I just read
b
billions-elephant-38030
04/29/2024, 7:59 PMwhat part of auth are you wanting to start wityh?
billions-elephant-38030
04/29/2024, 8:00 PMI picked up Kratos (currently all within a docker-compose) and have a good integration with a Vue/Nuxt3 app
v
victorious-plastic-3087
04/29/2024, 8:00 PMBasically I want to a do a quick POC where I log in from my React app and then send a simple get request to my go app, and I expect that I can't do unauthenticated apps to the go api
victorious-plastic-3087
04/29/2024, 8:00 PMAlso I will be not be self hosting myself
b
billions-elephant-38030
04/29/2024, 8:02 PMso you can probably skip the whole BE setup then. the
@ory/client@ory/kratos-clientv
victorious-plastic-3087
04/29/2024, 8:02 PMHmm, how will I protect unauthenticated users from hitting the api
victorious-plastic-3087
04/29/2024, 8:02 PMThis is what's confusing me
b
billions-elephant-38030
04/29/2024, 8:04 PMahhh I've not done that bit in my app yet,, however I think I have a grasp of how it could work...
v
victorious-plastic-3087
04/29/2024, 8:04 PMYeah the front end seems pretty straight forward, just this backend part is confusing a little
b
billions-elephant-38030
04/29/2024, 8:04 PMI'm thinking I'm going to issue the app with a JWT,, since I'll know the JWT secret that ory will use I can use any JWT library in my API to auth it
billions-elephant-38030
04/29/2024, 8:05 PMthat's one way
v
victorious-plastic-3087
04/29/2024, 8:05 PMHmm so no need for any Ory libraries installed in my go app ?
victorious-plastic-3087
04/29/2024, 8:05 PMI also have roles on my app so that is a bit confusing
b
billions-elephant-38030
04/29/2024, 8:05 PMJWT can support roles IIRC
billions-elephant-38030
04/29/2024, 8:07 PMyou jsut add the additional data of a role,, it could be anything. alternatively, once you've confirmed and decoded the JWT you can lookup the user ID as its encrypted within the token
v
victorious-plastic-3087
04/29/2024, 8:08 PMIs the lifetime also configurable
victorious-plastic-3087
04/29/2024, 8:08 PMAnd does it use refresh tokens to generate a new access token every few mins ?
b
billions-elephant-38030
04/29/2024, 8:11 PMhttps://www.ory.sh/docs/identities/session-to-jwt-cors looks like it can set a TTL
v
victorious-plastic-3087
04/29/2024, 8:12 PMSeems trivial
victorious-plastic-3087
04/29/2024, 8:12 PMThank you for all your input
victorious-plastic-3087
04/29/2024, 8:12 PMYou saved me a bunch of time
b
billions-elephant-38030
04/29/2024, 8:13 PMno worries.. JWT is jsut one way,, and i believe you can encode whatever you like in there... btw your backend will have to check the ttl, quick google gave this to check the claim on the token...
Copy code
ttl := 60 * time.Second
myClaims["exp"] = time.Now().UTC().Add(ttl).Unix()billions-elephant-38030
04/29/2024, 8:14 PMbut with Ory's session to JWT and a good JWT go lib you should be good to go
v
victorious-plastic-3087
04/29/2024, 8:14 PMYep as for this part I've done it very often
victorious-plastic-3087
04/29/2024, 8:14 PMJust wondered how to achieve it with ory
b
billions-elephant-38030
04/29/2024, 8:14 PMgun fingers
d
delightful-noon-48365
04/29/2024, 8:28 PMHi @victorious-plastic-3087, you could also setup Ory Oathkeeper with Authenticators : https://www.ory.sh/docs/oathkeeper/pipeline/authn
6 Views