Create user "type" in MongoDB
Implement our simple auth system:
We use JWT tokens that are same-site, http-only, etc. The JWT tokens store everything about the User; literally all that is returned from a query of the user is fine. Since we're only using http-only cookies, remember that any time you want to validate a cookie or read it in any way, you will need to make an API call or use server actions.
Implement the AuthContext so it's easy for the frontend to facilitate auth-related tasks.
Feel free to take heavy inspiration from my auth implementation from the HackDavis judging app: https://github.com/HackDavis/judging-app-2024
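A sketch of the server-side half of this task, added here as an example and not taken from this project or the linked judging app: issuing the JWT in an http-only, same-site cookie and validating it from the `Cookie` header, which is the check an API route or server action has to perform because page scripts cannot read the cookie. The cookie name, the secret, the sample user, the choice of HS256 and the `Secure` and `SameSite=Strict` attributes are assumptions.

```javascript
// Added example: constructed secret, cookie name and user; not the project's code.
const crypto = require("node:crypto");

const SECRET = "constructed-demo-secret"; // assumption: the real key lives in server env
const COOKIE = "auth_token"; // hypothetical cookie name

const b64url = (v) => Buffer.from(v).toString("base64url");
const hmac = (data) => crypto.createHmac("sha256", SECRET).update(data).digest();

// Sign an HS256 JWT carrying the user record plus an expiry claim.
function signJwt(user, ttlSeconds, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ ...user, exp }));
  const sig = hmac(`${header}.${payload}`).toString("base64url");
  return `${header}.${payload}.${sig}`;
}

// Set-Cookie value: HttpOnly hides the token from page scripts,
// SameSite keeps it off cross-site requests (Strict and Secure are assumptions).
function authCookie(token, ttlSeconds) {
  return `${COOKIE}=${token}; HttpOnly; Secure; SameSite=Strict; Path=/; Max-Age=${ttlSeconds}`;
}

// The check an API route or server action runs on the request's Cookie header.
// Returns the claims, or null if the token is missing, malformed, tampered or expired.
function verifyFromCookieHeader(cookieHeader, now = Date.now()) {
  const pair = (cookieHeader || "").split(/;\s*/).find((c) => c.startsWith(`${COOKIE}=`));
  if (!pair) return null;
  const parts = pair.slice(COOKIE.length + 1).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  try {
    // Pin the algorithm; the token's own "alg" never selects the verification.
    const alg = JSON.parse(Buffer.from(header, "base64url").toString()).alg;
    if (alg !== "HS256") return null;
    const expected = hmac(`${header}.${payload}`);
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length) return null;
    if (!crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(payload, "base64url").toString());
    return typeof claims.exp === "number" && claims.exp > now / 1000 ? claims : null;
  } catch {
    return null; // undecodable header or payload
  }
}
```

An AuthContext on the client would call an endpoint that returns the result of `verifyFromCookieHeader` rather than trying to read the cookie itself.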