I am new to React and node. I am using React.js and Nodejs. I am doing an Axios POST request where I am sending data and in Node.js, I am creating a JWT token.
Now I want to use this token in auth middleware with the code I have made.
I get data in React.js from Node.js, using res.data. I can't save the data in localStorage or sessionStorage as it is not accessible by Node.js and gives error ReferenceError: localStorage is not defined
How to save the token so that I can get in Node.js?
You can send it via the request header or even part of the request url, both of which are accessible in nodejs
Related
I have simple html,css and js frontend and node.js backend.Im using firebase for authentication at backend.Now how can I protect or authorize some routes.
If any one tries to access a route(say dashboard) without proper authentication then he must redirect to login page or any error message page.
What's happening in your server's firebase instance itself it's being authenticated instead of returning the authentication data to the client. What you should be doing is returning the client authentication token on the request. There's a section covering server authentication here
https://firebase.google.com/docs/auth/admin/#custom_token_creation
Still issue?
https://firebase.google.com/docs/auth/web/google-signin
From Angular 6 I am making an Http request to Expressjs,
Expressjs calls an API to get specific details
In-Depth Explanation:
I have created interceptor in Angular 6 but that is not passing access token for each request which I am making from express. So I am trying to create an interceptor in express which can send token for each API request and if a token is expired then it should call API to refresh the access token.
I am learning Node.JS and I am trying to bring Firebase Auth into my application. With client-side firebase auth, you can just do firebase.auth().currentUser but in node, as the script is not run on the client, but once on the server, you cannot use firebase.auth().currentUser. Is there a way involving sessions or cookies (I think) to get user data and use normal Firebase Auth operations from node just like client side Firebase Auth?
(I am using express with Node)
As you've found there is no concept of a current user for a request sent to a node script.
What you'll want to do is use Firebase Authentication on the client, and then send the resulting ID token to your node.js script, where you verify that the token is valid using the Firebase Admin SDK.
I am trying to use passportJS / Express backend, and a react JS frontend, for social auth. However, I am not certain about how to go about doing so.
I have did some reading and implemented social auth, which returns a JWT token signed by the express app when logged in with Google Auth. This allows me to access protected endpoints at the backend using the Authorization header.
However, how does one trigger this via React, especially since a call to Google should be made directly via the frontend (and hence backend does not do the authentication trigger using Passport JS)? Specifically, how should this flow look like when both backend and frontend are decoupled?
Actually, lol shortly after posting, I just found this:
https://medium.com/#alexanderleon/implement-social-authentication-with-react-restful-api-9b44f4714fa
The skinny:
auth client-side via Google
use Google's token and send over to Express server; verify that tokens are authed and match
If both match, issue a JWT token to be used in for Express JS API calls. This should be stored in localStorage.
How do I pass the value of JWT from my node js backend to android/ios frontend?
Should it be scored in my mongoDB database to be picked up each time by the frontend?
I am not getting your problem when user will login JWT is sent from the node backend and your android device will store it and for every request, it will send the JWT to authenticate.
Typically for mobile apps, if you're trying to get a JWT from your node.js server, it is passed as a response to an API request.
One pattern if you're using JWT for authentication is the client will make a request to the node.js API at /authenticate for example, which will send back the JWT in the response body if authentication was successful. The client can then pass this token with subsequent requests to show that it has been authenticated- the server will parse the JWT to determine whether it is valid.
There's a great article on this here: https://scotch.io/tutorials/authenticate-a-node-js-api-with-json-web-tokens