Hi Team,
I feel like I'm missing something. I'm setting Kinde up with a new project, it's a seperate React App and express App.
The react app is easy enough, but I can't find any documentation for how to integrate the express app. I've looked through the documentation for Express, but it looks like it expects the express app renders HTML and handles the login/register, etc.
I'm a bit surprised this use case is so hard to find examples for? I feel like i'm missing something or looking at it the wrong way
Unless there is some magic happening with the headers being sent to the API that i'm not aware of, which is entirely possible π€
Nothing that I can see. Just tried to call a protected route and it attemped a 302 to the defined logout
Hi, the protectedRoute
middleware will allow you to provide the react generated access token. This is updated functionality, I will get if the docs are up to date, it sounds like this may be missing.
Once the middleware picks up from the bearer token you can use all the normal helpers account the access token
Ok, so I just need to pass the accessToken as a standard
headers["Authorization"] = `Bearer ${accessToken}`then?
Yes.
This is the section of the middleware which handles this. |
https://github.com/kinde-oss/kinde-node-express/blob/main/src/helpers/kindeMiddlewareHelpers.ts#L54-L74
Yea, as I thought, due to the nature of React being a FE only framework it will be more challenging. Is Express your API also?
π€£ Thats a good thing here.
I would suggest using the express SDK and having that handle the auth, it will store the values in cookies which can then be requested from your react FE
it the Next SDK we have a /setup
route which the FE calls which returns the tokens
simple, will need more checks etc.
app.get("/", protectRoute, getUser, async (req, res) => { res.json({ user: req.user, token: await client.getToken(req), }) });This will return the current user and also the token to the react FE
Hi Daniel,
Thanks for checking in, I'm just sitting down to look at this now. I've got the initial version working with protectedRoute and getUser, that wasn't so much the issue, it was that sending it as the barer token for an axios based front end is a pain, but I'll just have to do it for now from the looks of things
Could you explain a little more there? Can you share some of the code form you axios intercepter?
I don't know, it feels like a fairly standard use case for a SPA to have to send a barer token through axios to an API, so i'm a bit surprised there's not guide for this use case
With the approach I mentioned above with the Express handling the auth you wouldn't need to pass the token with each request to the express api.
app.get("/", protectRoute, getUser, async (req, res) => { res.json({ user: req.user, token: await client.getToken(req), }) });Sorry, I don't quite understand how that works from this snippet. Which part of this is handling the auth?
But I have a pre-existing react app and Express API where the devs never built any authentication, so I'm adding in auth now (as well as a bunch of other things), so I was hoping this would be a quick win
Are you using the React SDK to do auth currently or are you using the express auth routes described here: https://docs.kinde.com/developer-tools/sdks/backend/express-sdk/?
Handling it as part of the express app will involve a bunch of learning and re-writes I don't really have time to do right now tbh
It's great that you have that option, but it's not really an option for me without adding a bunch more work, i'm not building this service from scratch
I'll just build a custom hook or something to manage it on the front end, I'm sure it'll be fine
Great, is that works for you perfect. Our express SDK is quick to get going with if you wanted to migrate in the future this will be a simple migration. π