cmd-johnson / deno-oauth2-client

Minimalistic OAuth 2.0 client for Deno.
MIT License
45 stars 9 forks

How do I check whether user is authorized to access protected page? #16

Closed salemalem closed 3 years ago

salemalem commented 3 years ago

I want to add middleware to check the user. How do I do it?

cmd-johnson commented 3 years ago

The OAuth2.0 standard doesn't include a way to handle session management. As such, this library only helps you with OAuth2.0 grants.

However, taking the Oak usage example as a basis, what you can do is the following:

In the router's handler for /oauth2/callback, after getting the tokens, create a session ID and store it in your database of choice (or in memory if you want), along with the tokens you received and any additional user data you want to save. Set the session ID as a cookie (using ctx.cookies.set(sessionCookieName, sessionId)). Then you can build a middleware function that pulls the session ID from the cookies contained in the requests and looks up the session and its associated data in your data store.

salemalem commented 3 years ago

Also, I noticed that context.response.redirect doesn't work in the callback function. Is this because the fetch function is running earlier?

cmd-johnson commented 3 years ago

Do you mean you cannot redirect from inside the /oauth2/callback handler? Do you have a short example to reproduce this?

salemalem commented 3 years ago

https://github.com/salemalem/deno-crypto-payments

salemalem commented 3 years ago

Inside the router.

salemalem commented 3 years ago

Nevermind, my fault.

cmd-johnson commented 3 years ago

Hehe okay, I'll close this issue then.