rated 0 times [  142] [ 4]  / answers: 1 / hits: 5144  / 3 Years ago, sun, february 28, 2021, 12:00:00

I am using Auth0 and Next.js.


I want to do the following: when the user adds his credentials and logs in, he is redirected to the callback API.


And here


    import auth0 from '../../utils/auth0';

    export default async function callback(req, res) {
      try {
        await auth0.handleCallback(req, res, {
          redirectTo: '/'
        });
      } catch (error) {
        console.error(error);
        res.status(error.status || 400).end(error.message);
      }
    }

I want to redirect the user depending on the token.

By decoding the token, I will get data on whether the application is a simple user or an admin.


If he is an admin, he should be redirected to the admin page; if not, to the user page.


So I did something like this:


    import auth0 from '../../utils/auth0';

    export default async function callback(req, res) {
      const tokenCache = auth0.tokenCache(req, res);
      const { accessToken } = await tokenCache.getAccessToken();
      console.log(accessToken)
      try {
        await auth0.handleCallback(req, res, { redirectTo: '/' });
      } catch (error) {
        console.error(error);
        res.status(error.status || 400).end(error.message);
      }
    }


So I want to get the token inside this function to be able to redirect users to different pages, but if I try to get the token here I get this issue:



The user does not have a valid session.



If I delete the code related to the token the user is redirected, but I need to get the token here to be able to do the checking of users.


How could I get the token inside this callback function and achieve what I described above?



 Answers

Using v1.2.0 of the nextjs-auth0 library, you can access the identity token during the callback handler.


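    import { handleAuth, handleCallback } from '@auth0/nextjs-auth0';

    // UnauthorizedError is not defined by the import above, so define it here.
    class UnauthorizedError extends Error {
      constructor(message) {
        super(message);
        this.status = 401;
      }
    }

    // Runs after the token exchange; session.user holds the ID token claims.
    const afterCallback = (req, res, session, state) => {
      console.log(session.idToken); // debugging only: avoid logging tokens in production
      if (!session.user.isAdmin) {
        throw new UnauthorizedError('User is not admin');
      }
      return session;
    };

    export default handleAuth({
      async callback(req, res) {
        try {
          await handleCallback(req, res, { afterCallback });
        } catch (error) {
          res.status(error.status || 500).end(error.message);
        }
      }
    });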



However, keep in mind that you should generally avoid having the client application look inside the access token. If you need to relay user information to the client, you should place it in an id_token. The access token is for use by the API, and your client application should not take any dependency on its content format or semantics, since access tokens by design have no defined format.


[#1714] Tuesday, February 23, 2021, 3 Years  [reply] [flag answer]
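
The role-based redirect the question asks for, built on the answer's `afterCallback` hook and driven by ID token claims rather than a decoded access token. This is an added example, not part of the original answer or of the nextjs-auth0 project; the `/admin` and `/user` paths are hypothetical, and it assumes the SDK redirects to `state.returnTo` after the hook returns, which should be confirmed against the installed version.

```javascript
// Added example, not from the original answer. '/admin' and '/user' are
// hypothetical page paths; isAdmin is the claim name used in the answer.
const LANDING = Object.freeze({ admin: '/admin', user: '/user' });

// Decide the landing page from the ID token claims the SDK has already
// validated (session.user), never from a decoded access token.
function landingPathFor(session) {
  const user = session && session.user;
  if (!user) {
    throw new Error('No user in session');
  }
  // Strict comparison: the string "true" or the number 1 must not grant admin.
  return user.isAdmin === true ? LANDING.admin : LANDING.user;
}

// Same signature as the answer's afterCallback(req, res, session, state).
// Assumption: the SDK redirects to state.returnTo once this hook returns.
function afterCallback(req, res, session, state) {
  // Only fixed, same-origin paths are ever assigned, so the login flow
  // cannot be steered to an arbitrary URL.
  state.returnTo = landingPathFor(session);
  return session;
}

// Wiring, as in the answer:
//   await handleCallback(req, res, { afterCallback });

// Constructed sample sessions (no real tokens or users).
function demo() {
  const sessions = [
    { user: { sub: 'auth0|constructed-1', isAdmin: true } },
    { user: { sub: 'auth0|constructed-2', isAdmin: false } },
    { user: { sub: 'auth0|constructed-3', isAdmin: 'true' } }, // wrong type
    { user: { sub: 'auth0|constructed-4' } },                  // claim missing
  ];
  return sessions.map((session) => {
    const state = { returnTo: '/' };
    afterCallback({}, {}, session, state);
    return state.returnTo;
  });
}

console.log(demo());
```

The redirect only chooses where the browser lands; the admin page and its API routes still need their own server-side check of the same claim.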