danestves / remix-auth-auth0

An Auth0Strategy for Remix Auth, based on the OAuth2Strategy
MIT License
120 stars 22 forks

Support for Silent Authentication #98

Closed lifeiscontent closed 1 year ago

lifeiscontent commented 1 year ago

Describe the bug

https://auth0.com/docs/authenticate/login/configure-silent-authentication

My use case would be for being able to switch between organizations seamlessly. https://community.auth0.com/t/switch-user-organisation-without-re-login/84183/3

Your Example Website or App

N/A

Steps to Reproduce the Bug or Issue

N/A

Expected behavior

Have the ability to set prompt=none in a way that makes sense to support the use case of switching between orgs.

Screenshots or Videos

No response

Platform

Additional context

No response

lifeiscontent commented 1 year ago

@sergiodxa is there currently a way to dynamically pass prompt to the authenticator.authenticate method? Not sure about the security issues, if any, but I imagine you'd want to do this via a query param to the auth callback route.

e.g.

/auth/callback?prompt=none, which would in turn translate to something like:

```js
const url = new URL(request.url);
const params = url.searchParams.get('prompt') === 'none' ? {prompt: 'none'} : undefined;
authenticator.authenticate('auth0', request, {
  context: { params }
})
```

danestves commented 1 year ago

Actually, right now, when you make a request to /auth/auth0 (or whatever URL you have for login), you can pass the prompt in query params; with that, you can start the silent authentication. I just tried using ?prompt=login and that shows me the login screen of Auth0 instead of the register one 👀 Can you test it out?

franklinjavier commented 1 year ago

> Actually, right now, when you make a request to /auth/auth0 (or whatever URL you have for login), you can pass the prompt in query params; with that, you can start the silent authentication. I just tried using ?prompt=login and that shows me the login screen of Auth0 instead of the register one 👀 Can you test it out?

This feature worked in version 1.7.0 but doesn't work in the current version. I tried with the ?login_hint= param.

lifeiscontent commented 1 year ago

@franklinjavier just pushed a fix in the latest release, go ahead and try that out. @danestves I think this issue can be closed now.

franklinjavier commented 1 year ago

It worked, thank you. Now with ?login_hint=test@gmail.com

danestves commented 1 year ago

Awesome, thanks for confirming and thanks for the help @lifeiscontent
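
On the security question raised earlier in the thread about taking `prompt` from a query param: the following is an added example, not code from remix-auth-auth0 or from any commenter. It allowlists and validates the two params discussed here (`prompt`, `login_hint`) before they reach the authorization request, and classifies the callback when `prompt=none` cannot complete silently. The function names, the `example.test` host and the length limit are assumptions.

```javascript
// Added example: FORWARDABLE, buildAuthorizeParams and classifyCallback are
// hypothetical names, not part of remix-auth-auth0.

// OIDC Core `prompt` values; only a single value is accepted here.
const PROMPTS = new Set(["none", "login", "consent", "select_account"]);

// Validators for the only query params the login route may forward.
const FORWARDABLE = {
  prompt: (v) => PROMPTS.has(v),
  // Assumed limit: bounded length, printable ASCII, no whitespace or controls.
  login_hint: (v) => v.length <= 254 && /^[\x21-\x7e]+$/.test(v),
};

// Returns the extra authorization params derived from the incoming login URL.
// Anything not allowlisted (redirect_uri, client_id, scope, state, ...) is
// dropped; a repeated or invalid allowlisted param is rejected outright.
function buildAuthorizeParams(requestUrl) {
  const incoming = new URL(requestUrl).searchParams;
  const out = {};
  for (const [name, isValid] of Object.entries(FORWARDABLE)) {
    const values = incoming.getAll(name);
    if (values.length === 0) continue;
    if (values.length > 1 || !isValid(values[0])) {
      throw new RangeError(`rejected query parameter: ${name}`);
    }
    out[name] = values[0];
  }
  return out;
}

// With prompt=none the provider cannot show UI, so a missing session or
// consent comes back to the callback as one of these OIDC error codes.
const NEEDS_INTERACTION = new Set([
  "login_required", "consent_required",
  "interaction_required", "account_selection_required",
]);

// "ok": proceed with the code exchange; "interactive": retry the login
// without prompt=none; "error": any other failure, do not retry blindly.
function classifyCallback(callbackUrl) {
  const q = new URL(callbackUrl).searchParams;
  const error = q.get("error");
  if (error === null) return q.has("code") ? "ok" : "error";
  return NEEDS_INTERACTION.has(error) ? "interactive" : "error";
}
```

The "interactive" result should redirect once to the normal login route; retrying with `prompt=none` again would loop.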