Closed shen-lin closed 2 months ago
we are releasing auth more officially next week so you should hold off trying to use it until then
@thdxr Is Auth released now? I don't find it in the sst 3.0 documentation.
Nope not yet
@jayair Thanks for your reply. Do you have estimation when would it be ready?
The closest example I could find is ion/examples/aws-auth.
The authentication process works successfully and I can call
input.tokenset.claims()
to retrieve user information.But I have 3 remaining issues:
I don't know how to achieve as in 2.0. In AuthHandler > callbacks >
async success(ctx, input)
, I am able to to callResponse.redirect
. But how can I add set-cookie header as in 2.0 example?Inside
async success(ctx, input)
implementation, am I right that I should generate a JWT token and then web client can carry this JWT token in http requests for authentication?Since I am not able to pass the token as set-cookie to client yet, I tested
session.verify
also insideasync success(ctx, input)
. But it returned error "Error: No auth resource found".By looking at the implementation in sdk/js/src/auth/session.ts, it seems create method can use AUTH_PRIVATE_KEY either from env var or linked Resource. But
verify
method only attempts to find public key from linked Resource value that has a publicKey property. Why the private key and public key are accessed quite differently?https://<myaws-lambda-url>/google/authorize
returns missing_redirect_uri error. When this happens, I need to enterhttps://<myaws-lambda-url>/google/authorize?redirect_uri=/u&response_type=code
first (will cause Access Block error from google), and then enterhttps://<myaws-lambda-url>/google/authorize
again. It redirects to google oauth correctly.