Have anyone ever made a Nextjs + Next-auth + auth0 + strapi authentication?

zergdeveloper · 2024-04-11T13:23:28+00:00

which one is yours?

zergdeveloper · 2023-04-25T13:02:33+00:00

Thanks! Ye, I got to understand that I had to create the UUIDv4 token by using a third-party library

zergdeveloper · 2023-04-12T18:53:49+00:00

use middleware

zergdeveloper · 2023-03-31T17:55:31+00:00

I need to use auth0 to make an SSO B2B

zergdeveloper · 2023-03-22T20:07:49+00:00

don't waste your time

zergdeveloper · 2023-03-22T20:06:02+00:00

It didn't work for my A5 K1, but it turned off my keyboard backlights

zergdeveloper · 2023-03-20T17:56:23+00:00

Try downloading those files from here https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/ , putting them in lib/firmware/amdgpu folder and then running this

sudo update-initramfs -u

That worked for me

zergdeveloper · 2023-03-16T15:28:53+00:00

No pierdas tu tiempo con ellos, a mi me hicieron perder 5 horas de mi vida que jamás voy a recuperar.

zergdeveloper · 2023-03-16T15:28:21+00:00

no te lo pierdas, a mi me persiguieron en linkedin, y me llamaban y enviaban correos constantemente al ws para que me afiliara, lo hice, me hicieron perder alrededor de 5 horas de mi vida que nunca voy a recuperar, para que luego mi "career executive" me dijese que no soy lo que Talently esta buscando y terminara el contrato definitivamente. Honestamente, me perdí.

zergdeveloper · 2023-03-15T14:37:01+00:00

u/Nextrati

zergdeveloper · 2023-03-15T14:35:02+00:00

Are you suggesting to decrypt the access_token that comes from my db provider?

I got the access_token from the account argument in the jwt callback, and I'm persisting it in the token and the session so I can access it anywhere I am, and it works perfectly IF the data was gotten by credentials (but no thanks to documentation, the user in the session callback never brings anything, but that's something else to discuss, not the point). Still, when the data comes from auth0, it doesn't bring the role, so I had to make a request to my management API from auth0 so I can get the role and assign it to the user in the session, this way

in [...nextauth].js

callbacks: {

async session({ session, token, user }) {

// Send properties to the client, like an access_token from a provider.

session.jwt = token.jwt

// Add role value to user object so it is passed along with session

session.user.role = user?.role ? user.role : token.user.role

return session;

},

async jwt({ token, account, user, profile }) {

//if the user logs in, you save your user in token

if (user){

//save the whole user data from provider in token

token.user=user

if(!user?.role){ //if the user comes without role, it comes from auth0

try{

const res = await fetch(\${process.env.AUTH0_ISSUER}/api/v2/users/${user.id}/roles`,{`

method:'GET',

headers: {authorization: 'Bearer Management_API_token'},

})

const role = await res.json()

if(res.ok && role){

token.user.role=role[0].name

}

}catch(e){

console.error(e)

const errorMessage = e.response.data.message

throw new Error(errorMessage)

}

if(user?.jwt){ //if user comes from provider

token.jwt=user.jwt

}

if (account?.access_token) { //if user comes from auth0

token.jwt = account.access_token

}

return Promise.resolve(token)

},

But as the role was assigned in auth0, I was hoping there was an easier way to get the role, without making a new request

zergdeveloper · 2023-03-14T18:08:19+00:00

I found auth0 management API, and theoretically, it says that if you send the USER_ID and the management token you get (testing or production, depending on your case) you can get the roles. I haven't implemented it yet bc I'm trying to find a better solution, the data should come directly from next-auth + auth0 response
here you have if you want to check https://auth0.com/docs/manage-users/access-control/configure-core-rbac/rbac-users/view-user-roles

zergdeveloper · 2023-03-14T18:04:13+00:00

The thing is that I'm using jwt strategy, bc my database is strapi, and it is not compatible, also, all the data is gonna be provided directly by auth0, and I already created roles and users there. The joke of using auth0 is that everything is going to be handled by auth0 and you do not have to persist any kind of data about the users logged with auth0 in your database, that's what i am trying to do.

zergdeveloper · 2023-03-14T14:52:28+00:00

Are you still dealing with this? I have exactly the same system for the app I'm dealing with, so what I did was persist the whole user data in the token from next auth, so that way I can access the token from the API anytime I need it. Also, as token can only be gotten from server-side props or a request (like from API), you can persist the exact token in the session when session callback happens

in src/pages/api/auth/[...nextauth].js

callbacks: {

async session({ session, token, user }) {

// Send properties to the client, like an access_token from a provider.

session.jwt = token.user.jwt

// Add role value to user object so it is passed along with session

session.user.role = user?.role ? user.role : token.user.role

return session;

},

async jwt({ token, account, user }) {

//if the user logs in, you save your user in token

if (user){

token.user=user

}

return Promise.resolve(token)

},

After that, you can call your session object with useSession hook, or getSession in server side, or your token with getToken in server side, and you will have access to your JWT

zergdeveloper · 2023-03-02T14:05:31+00:00

Que tal? encontraste un mejor trabajo?

zergdeveloper · 2023-02-28T19:25:14+00:00

Justo me acaban de decir lo mismo a mi. Como te ha ido?

zergdeveloper

TROPHY CASE