Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Docs]: cookieName is required on when mimicking dbAuth cookie generation on v7.6.2 #11694

Open
1 task
ejsinfuego opened this issue Oct 11, 2024 · 11 comments
Open
1 task

Comments

@ejsinfuego
Copy link

Summary and description

i'd like to thank you all for your hard work and dedication for making this framework.

maybe it's nice to have some heads up on the sample code on Oauth that a cookie name is required when using dbauth v7.6.2

Are you interested in working on this?

  • I'm interested in working on this
@dthyresson
Copy link
Contributor

Summary and description

i'd like to thank you all for your hard work and dedication for making this framework.

You're welcome!

maybe it's nice to have some heads up on the sample code on Oauth that a cookie name is required when using dbauth v7.6.2

Could you suggest some wording or a code example for this for us to review to make sure it resolves your issue?

Thanks.

@ejsinfuego
Copy link
Author

Sure.

image

Maybe we can have that kind of that info component that says "On dbAuth version 7.6.2, cookie name is required. You can check on /api/src/functions/auth.ts"

I tried to use the sample code in the docs as reference to implement my custom OAuth. Cant make it work because I am accustomed to dbAuth v7.0.0 until i noticed the cookie name on v7.6.2 is session_8911 which is different from the sample code on documentation.

@Muhammad-Owais-Warsi
Copy link

Hi, is anyone working on this ? I would love to solve the issue.

@dthyresson
Copy link
Contributor

dthyresson commented Oct 16, 2024

HI @Muhammad-Owais-Warsi ... could you clarify what you are looking for?

  • docs to say that cookieName is required
  • how to use or set cookie name when customizing dbAuth?v(did you implement an OAuth solution)
  • using dbAuth in general is having an issue
  • need an OAuth solution for Redwood or dbAuth

@dthyresson
Copy link
Contributor

Maybe https://github.com/spoonjoy/redwoodjs-dbauth-oauth is what you need for Redwood and OAuth?

This library provides an easy and effective way to integrate OAuth into your RedwoodJS applications, offering a seamless experience for both developers and end users. Currently, it supports OAuth providers including Apple, GitHub, and Google, with a flexible architecture that allows for the expansion to more providers.

It's working for v8.

@Muhammad-Owais-Warsi
Copy link

@dthyresson as per the issue states , that cookieName is required on docs, that's what I am thinking to add. Thanks :)

@dthyresson
Copy link
Contributor

dthyresson commented Oct 16, 2024

as per the issue states , that cookieName is required on docs, that's what I am thinking to add.

@Muhammad-Owais-Warsi it helps us to have an example and show where in the docs.

Would a note/callout of:

"On dbAuth version 7.6.2, cookie name is required. You can check on /api/src/functions/auth.ts"

here
image

See: https://docs.redwoodjs.com/docs/auth/dbauth#cookie-config

Be what you think will help?

Just looking for example where in the docs to include that tip.

@Muhammad-Owais-Warsi
Copy link

Right, maybe I have misunderstood something. Sorry for the inconvenience. Thanks

@ejsinfuego
Copy link
Author

ejsinfuego commented Oct 17, 2024

hello, i hope this will help. this is the code that works for me.

import { cookieName } from '@redwoodjs/auth-dbauth-api'

//on dbAuth v7.6.2, cookie name is required

const secureCookie = (user) => {
  const expires = new Date()
  expires.setFullYear(expires.getFullYear() + 1)

 //... the rest of the code

  const cookieAttrs = [
    `Expires=${expires.toUTCString()}`,
    'HttpOnly=true',
    'Path=/',
    'SameSite=Strict',
    `Secure=${process.env.NODE_ENV !== 'development'}`,
  ]
  const data = JSON.stringify({ id: user.id })

  const encrypted = CryptoJS.AES.encrypt(
    data,
    process.env.SESSION_SECRET
  ).toString()
  return [`${cookieName}=${encrypted}`, ...cookieAttrs].join('; ')
}

@dthyresson
Copy link
Contributor

dthyresson commented Oct 17, 2024

Thanks @ejsinfuego . Could you make a PR with this how to docs change and reference this issue? That way the change and update can get reviewed and merged.

You can find the file here: https://github.com/redwoodjs/redwood/blob/main/docs/docs/how-to/oauth.md

@ejsinfuego
Copy link
Author

Sure. I will. Thank you so much!

ejsinfuego added a commit to ejsinfuego/redwood that referenced this issue Oct 17, 2024
this is related to the issue redwoodjs#11694
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants