How to fake session with next-auth
Answered
Maltese posted this in #help-forum
MalteseOP
My question is, how next-auth creates/validates a session, is it looking only for cookies (and if so, how? ) or there are additional things? I want to test my app, when I am logged in, but I don't want to log in every time, so I can get session, I want to skip this part and directly jump into testing my app.
I am not using db session. I am laying completely on JWT
I am not using db session. I am laying completely on JWT
Answered by B33fb0n3
next auth for jwt is just basic jwt. JWT = "JSON Web Token". So a signed json object. JWE = "JSON Web Enryption". Both of these work together to create a signed and encrypted token. Next auth will write this token into the cookies so it can be read. Next auth also uses the next secret to secure it. To "hack" next-auth, because you don't want to login isn't very useful. If you know and want to "hack" it, you can directly create your own jwt management
6 Replies
next auth for jwt is just basic jwt. JWT = "JSON Web Token". So a signed json object. JWE = "JSON Web Enryption". Both of these work together to create a signed and encrypted token. Next auth will write this token into the cookies so it can be read. Next auth also uses the next secret to secure it. To "hack" next-auth, because you don't want to login isn't very useful. If you know and want to "hack" it, you can directly create your own jwt management
Answer
@Maltese solved?
MalteseOP
yea
solved
I just saved my session and reuse it trough the app
happy to help