Generating JWT on backend server and passing that to next-auth #4839
Unanswered
hagginoaks
asked this question in
Help
Replies: 2 comments 2 replies
-
@hagginoaks hi. Did you find any solution? |
Beta Was this translation helpful? Give feedback.
2 replies
-
I ended up using the same code you provided to get what I wanted. I was in the same context as you. Now I am wondering, is this the right approach for this type of infrastructure? Is it really production-ready? Has anyone else been in the same situation? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Question 💬
Hello,
I have an external API server which is running on express.js. This api server needs all of its endpoints secured, so I already create a JWT on the server when a user logs in, and send that back to my next.js application.
When using next-auth, I notice that there is
session.maxAge
. It seems like this key doesn't respect my server generated JWT maxAge. So if I set my maxAge in[...nextauth].ts
to something like 1 minute, and on my backend, the JWT is 2 minutes, next-auth will automatically revoke the token after 1 minute.I was looking into doing a custom database adapter but it seems like all of those are for doing database operations within the next.js application, and not by something like an external API server. Am I doing this right?
Also is there a good example of an implementation like this already? It would obviously be simpler if all of my logic was contained within a next.js application and I allowed next-auth to manage the JWT age, but it's imperative that my external API tokens stay in sync with my client.
How to reproduce ☕️
[...nextauth].ts
:My token service on the server that generates the JWT:
And here is my authGuard which is attached to all my endpoints on my express.js server:
Contributing 🙌🏽
Yes, I am willing to help answer this question in a PR
Beta Was this translation helpful? Give feedback.
All reactions