thdxr
commented
2 months ago we are releasing auth more officially next week so you should hold off trying to use it until then
Closed shen-lin closed 2 months ago
thdxr
commented
2 months ago we are releasing auth more officially next week so you should hold off trying to use it until then
shen-lin
commented
1 week ago @thdxr Is Auth released now? I don't find it in the sst 3.0 documentation.
jayair
commented
1 week ago Nope not yet
shen-lin
commented
1 week ago @jayair Thanks for your reply. Do you have estimation when would it be ready?
The closest example I could find is ion/examples/aws-auth.
The authentication process works successfully and I can call
input.tokenset.claims()to retrieve user information.But I have 3 remaining issues:
I don't know how to achieve as in 2.0. In AuthHandler > callbacks >
async success(ctx, input), I am able to to callResponse.redirect. But how can I add set-cookie header as in 2.0 example?Inside
async success(ctx, input)implementation, am I right that I should generate a JWT token and then web client can carry this JWT token in http requests for authentication?Since I am not able to pass the token as set-cookie to client yet, I tested
session.verifyalso insideasync success(ctx, input). But it returned error "Error: No auth resource found".By looking at the implementation in sdk/js/src/auth/session.ts, it seems create method can use AUTH_PRIVATE_KEY either from env var or linked Resource. But
verifymethod only attempts to find public key from linked Resource value that has a publicKey property. Why the private key and public key are accessed quite differently?https://<myaws-lambda-url>/google/authorizereturns missing_redirect_uri error. When this happens, I need to enterhttps://<myaws-lambda-url>/google/authorize?redirect_uri=/u&response_type=codefirst (will cause Access Block error from google), and then enterhttps://<myaws-lambda-url>/google/authorizeagain. It redirects to google oauth correctly.