Open deepakprabhakara opened 9 months ago
@deepakprabhakara so are you asking to make a user authentication form with jwt?
@jatingodnani The form to login is already there but we don't actually create a jwt session. That would be good to mimic some of the features like forcing authentication even if logged in.
@deepakprabhakara @devkiran what would you prefer should i store jw-token in cookies or should i use state in local storage.
@jatingodnani HttpOnly cookies
@jatingodnani next-auth makes it easy to work with sessions, please use that.
@deepakprabhakara if i use next-auth whole login folder will be changed
Currently login is simulated but to test things like ForceAuthn we should login the user via a session and then provide a logout functionality. If use is logged in they should be directly taken through skipping the current login screen.