堆栈内存溢出
  简体   繁体   English

将 Auth0 集成到 Node & Express 应用程序中

[英]Integrating Auth0 into a Node & Express app

 原文  2019-11-05 19:52:58       node.js/ express/ auth0

问题描述

I'm using Node and Express for the backend of a mobile app (Flutter).我将 Node 和 Express 用于移动应用程序 (Flutter) 的后端。

I'd like all authentication REST facing the client to be auth0's, since they can handle attacks and security in general much better than me.我希望面向客户端的所有身份验证 REST 都是 auth0 的,因为它们通常可以比我更好地处理攻击和安全性。

Sign Up -报名 -

  1. Client sends a request to a signup endpoint on auth0's server, with custom fields in addition to the existing ones.客户端向 auth0 的服务器上的注册端点发送一个请求,除了现有的字段之外还包含自定义字段。
  2. On authentication success, auth0 sends an s2s to a signup endpoint on my server with the signup data, as well as a JWT token containing the auth data.身份验证成功后,auth0 将 s2s 发送到我服务器上的注册端点,其中包含注册数据,以及包含身份验证数据的 JWT 令牌。
  3. Auth0 incorporates the data responded from the signup endpoint on my server into the response to the client. Auth0 将从我的服务器上的注册端点响应的数据合并到对客户端的响应中。

Sign In - Same as Sign Up basically, except there's no need to accept custom fields from the client.登录 - 基本上与注册相同,除了不需要接受来自客户端的自定义字段。

If such a flow is possible, can you please refer me to the relevant docs or otherwise help me understand how?如果这样的流程是可能的,您能否请我参考相关文档或以其他方式帮助我了解如何? Example implementations in node/express would be much appreciated as well. node/express 中的示例实现也将不胜感激。

1 个解决方案

解决方案1
 0  2019-11-11 23:34:59

As christian mentioned in the comments, you can use a post reg web hook.正如评论中提到的克里斯蒂安,您可以使用帖子 reg web 挂钩。 In addition, because hooks do not support social connections, you can use a rule to send a request to your server to create the user in your db.此外,由于钩子不支持社交连接,您可以使用规则向您的服务器发送请求以在您的数据库中创建用户。 You can add a flag to the user's metadata to determine whether or not this rule runs.您可以向用户的元数据添加一个标志以确定此规则是否运行。

https://auth0.com/docs/hooks/concepts/post-user-registration-extensibility-point https://auth0.com/docs/hooks/concepts/post-user-registration-extensibility-point

Here is another strategy: https://community.auth0.com/t/distinguish-between-first-login-and-silent-auth/32986这是另一种策略: https://community.auth0.com/t/distinguish-between-first-login-and-silent-auth/32986

Let me know if this makes sense.让我知道这是否有意义。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Auth0和node.js将身份验证集成到我的应用程序 - integrating authentication to my app using Auth0 and node.js 将auth0集成到Web应用程序Express / Node js中 - integrate auth0 in a web app express / node js 将My Node js业务逻辑与Auth0,亚马逊API网关和剥离付款集成 - Integrating My Node js business logic with Auth0, amazon api gateway and strip payments 将 Webpack 与 Auth0 集成或如何向 IBM Cloud Functions 添加额外的 Node.js 模块 - Integrating Webpack with Auth0 or how to add additional Node.js modules to IBM Cloud Functions 在Node.js应用程序的模式窗口中登录Auth0 - Auth0 login in a modal window in Node.js app Auth0升级到Node8 - Auth0 upgrade to Node8 使用节点验证Auth0 JWT - Verify Auth0 JWT with Node Nginx将身份验证传递给Node js Express应用 - Nginx pass auth to Node js Express app 使用 Express 获取 Auth0 的访问令牌 - Getting access token for Auth0 with Express 将我的node.js模块集成到express.js应用程序 - Integrating my node.js module to express.js app
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM