Doing Auth from a different backend
Unanswered
Chinese Alligator posted this in #help-forum
Chinese AlligatorOP
i have a scenario where i'm doing authentication based on token from a backend other than next.js and i'm not allowed to use any of the authentication solution, what can be the ways to apporach it?
like authenticate users in middleware.ts and other things, please help me from my predicament. Like how should i approach it.
like authenticate users in middleware.ts and other things, please help me from my predicament. Like how should i approach it.
1 Reply
If it's an HTTP-only token, you can add credentials: true in your fetch to do authenticated requests (login, logout, etc). If not, if it's just a normal bearer token, store it in your database and grab it when you need it. Avoid putting it in localstorage or cookes since they're prone to XSS attacks. Use middleware.ts to do protected routes. Fetch the user profile their with the auth token, if it's null, redirect to login page. If not, then proceed.