search

ojasaklechayt / Music-Streaming-App

Music Streaming App MERN App
https://groovewave.vercel.app
Creative Commons Zero v1.0 Universal
13 stars 18 forks source link

Implement auth provider #28

Closed fekete965 closed 1 year ago

fekete965 commented 1 year ago

This PR is trying to solve the following issue: https://github.com/ojasaklechayt/Music-Streaming-App/issues/16

vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
groovewave ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 23, 2023 3:57pm
ojasaklechayt commented 1 year ago

@fekete965 Thankyou for your PR. What you have done is that you have changed the whole authentication code. What the issue was intended to be was, after logging into the website, when user wanted to logout, we need to delete that cookie. Kindly create a new PR with the login page code where we needed to delete the cookie.

fekete965 commented 1 year ago

@fekete965 Thankyou for your PR. What you have done is that you have changed the whole authentication code. What the issue was intended to be was, after logging into the website, when user wanted to logout, we need to delete that cookie. Kindly create a new PR with the login page code where we needed to delete the cookie.

I kindly disagree. I have not changed the authentication code at all, I simply made sure that the data can actually be used in client components.

  1. You are using Cookies.js to save the cookie on the client side on successful login. I simply extracted that 1 line of code and moved it into a provider so the client components can actually use that data in the application if needed
  2. Since you have saved the token as a cookie, we have access to it on the server side as it will be automatically attached to each request. That token is being checked in your middleware which has also been simplified a tiny bit.
  3. On application load, on the server side we extract the cookie from the request and if it is preset we send it to the provider. This ensures that if you have an active token present in your cookies that cookie will be used on your client side.
  4. The logout is indeed very simple as we simply remove the token from the provider + redirect the user to the /logout path where the middleware takes over and removes the cookie from the request just in case.

I am not sure if you are aware of that, but there is no need to close a PR, any change can be amended very easily.