Skip to content

auth0-blog/cookie-jwt-auth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Auth0 + NodeJS API Seed + Cookie JWT Authentication

This seed project builds on Auth0's NodeJS API seed and extends it to handle cookies.

// server.js
var authenticate = jwt({
  secret: new Buffer(process.env.AUTH0_CLIENT_SECRET, 'base64'),
  audience: process.env.AUTH0_CLIENT_ID,
  getToken: function fromHeaderOrCookie(req) {
    if(req.headers.authorization && req.headers.authorization.split(' ')[0] === 'Bearer') {
      return req.headers.authorization.split(' ')[1];
    } else if(req.cookies && req.cookies.id_token) {
      return req.cookies.id_token;
    }
    return null;
  }
});

This is the seed project you need to use if you're going to create a NodeJS API. You'll mostly use this API either for a SPA or a Mobile app. If you just want to create a Regular NodeJS WebApp, please check this other seed project.

Running the example

In order to run the example you need to have npm and NodeJS installed.

Run npm install to ensure local dependencies are available.

You also need to set the ClientSecret and ClientId for your Auth0 app as enviroment variables with the following names respectively: AUTH0_CLIENT_SECRET and AUTH0_CLIENT_ID.

For that, the following should have been already created for you; if not, just create a file named .env in the directory and set the values like the following, the app will just work:

# .env

AUTH0_CLIENT_SECRET=myCoolSecret
AUTH0_CLIENT_ID=myCoolClientId

You need to create a file that calls Auth0's API for a JWT and stores it as a cookie. The example will also handle JWTs sent as Authorization headers.

About

Example of how to use JWTs in cookies

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published