creamy-action-66479
12/13/2021, 10:28 AMhigh-optician-2097
toSession()
(https://www.ory.sh/login-spa-react-nextjs-authentication-example-api-open-source/#react-hook-to-find-out-if-a-user-is-authenticated) function and you'll get the session. Other than Auth0, you don't need to worry about tokens or token storage or refreshing stuff. That's why (I think 😅) Ory is so awesome! We take away the complexity by doing it for you!
Regarding your API routes, it works the same way. Use the SDK's toSession()
to get the session (or an error if the user is not authenticated or still needs to do 2FA).
Hope this helps 🙂creamy-action-66479
12/13/2021, 10:37 AMcreamy-action-66479
12/13/2021, 10:45 AMrough-sunset-51786
12/13/2021, 10:55 AM_app.jsx
component, in Create React App, in your App
component. If you have a shared layout, you can do it in there as well
Page load -> check auth -> show loader (ideally show nothing if time is <~300ms and then fall back to loader)
If the request failed or there's no session -> show signed out view
Active session -> show signed in viewrough-sunset-51786
12/13/2021, 10:57 AMcredentials: include
in your fetch options (https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch) or withCredentials: true
when using something like axios.creamy-action-66479
12/13/2021, 10:58 AMrough-sunset-51786
12/13/2021, 10:59 AMconst link = createHttpLink({
uri: '<path to your /graphql>',
credentials: 'include'
});
https://www.apollographql.com/docs/react/networking/authentication/#cookiecreamy-action-66479
12/13/2021, 11:01 AMory
package and toSession()
to validate the credentials in the backend as well right?
Actually I think this answers my question (maybe) with the approach here https://github.com/ory/docs/blob/master/examples/typescript-express/src/middleware.ts