jatingodnani
commented
8 months ago @deepakprabhakara so are you asking to make a user authentication form with jwt?
Open deepakprabhakara opened 9 months ago
jatingodnani
commented
8 months ago @deepakprabhakara so are you asking to make a user authentication form with jwt?
deepakprabhakara
commented
8 months ago @jatingodnani The form to login is already there but we don't actually create a jwt session. That would be good to mimic some of the features like forcing authentication even if logged in.
jatingodnani
commented
8 months ago @deepakprabhakara @devkiran what would you prefer should i store jw-token in cookies or should i use state in local storage.
deepakprabhakara
commented
8 months ago @jatingodnani HttpOnly cookies
deepakprabhakara
commented
8 months ago @jatingodnani next-auth makes it easy to work with sessions, please use that.
jatingodnani
commented
8 months ago @deepakprabhakara if i use next-auth whole login folder will be changed
Currently login is simulated but to test things like ForceAuthn we should login the user via a session and then provide a logout functionality. If use is logged in they should be directly taken through skipping the current login screen.