Currently auth0 performs this lookup. This made sense back when the UI was an SPA and we relied on a JWT with the id and roles embedded in it, nowadays it's a next.js app, and we could do all of this on the backend and just provide a /me endpoint to the UI.
Then auth0 wouldn't need any special config and would no longer need database access.
This would simplify code on both sides.
It would have the added benefit of auth using the local database which currently it doesn't, causing mysterious behavior.
evoskamp
commented
1 year ago
Currently auth0 performs this lookup. This made sense back when the UI was an SPA and we relied on a JWT with the id and roles embedded in it, nowadays it's a next.js app, and we could do all of this on the backend and just provide a /me endpoint to the UI.
Then auth0 wouldn't need any special config and would no longer need database access.
This would simplify code on both sides.
It would have the added benefit of auth using the local database which currently it doesn't, causing mysterious behavior.