0

I have an application with (nuxt js using nuxt-auth) with local authentication so far (later I want to add git and google auth).

Now I need to add authentication to invoke other services / API (like google cloud rest API, payment system, youtube API, etc...)

The question is: the user is authenticated only once (during login to the application.) but each of these 3rd party APIs has its own authentication.

How to implement multiple authentications. (I read the documentation and google for the entire day but there is no clear answer).

kissu
  • 40,416
  • 14
  • 65
  • 133
user2779840
  • 63
  • 2
  • 11
  • It brings some clarity but now even on a bigger question :-). One of the reasons I choose nuxtjs (don't get me wrong, I really like the framework) is the authentication module. I am sure I miss something, maybe you can give some clarity. Most of the production applications will require authenticating to multiple API's - at least you have actual login and payment systems. How this can be that I can only work with one authentication API ( for example git or google). If I need to integrate payment I got stuck and need to use commercial solutions like OAuth? – user2779840 Apr 18 '21 at 21:13
  • 1
    I've answered to your question in my own answer, because of text length limits. – kissu Apr 19 '21 at 15:23
  • Kissu, really appreciate for so detailed answer. – user2779840 Apr 19 '21 at 16:42
  • 1
    If you don't find a better answer, please accept mine. You can always accept a better one afterwards if it pops out! – kissu Apr 20 '21 at 07:08
  • Sure, how to accept the answer. I am new to StackOverflow. – user2779840 Apr 20 '21 at 09:17
  • You can see a tick (✅) under my score (1). Clicking on it will accept the answer. You can always select a new one if somebody else comes and gives a better than mine! Like here: https://i.stack.imgur.com/OGwTL.png – kissu Apr 20 '21 at 09:20
  • Thanks you for this ! – kissu Apr 20 '21 at 09:41

1 Answers1

1

As of today, it looks like it is not doable (people are needed on this module): https://github.com/nuxt-community/auth-module/issues/889

So, you would need to make it manually by plugging the APIs yourself.

Answer to your latest question~comment

Nuxt is indeed nice with some of it's modules (but you can totally dislike it, no problem :D).

First thing that you need to know, is that this project (nuxt-auth) is not the biggest one, @pooya is doing his best but he is on a lot of projects, so he cannot give all of his love to it. Then, you also need to understand that it's working great but it's still in a decent beta state with a lot of missing features, needed documentation and a lot of small things to make it an all rounded solid top notch solution.

That do not mean that you should not use it, I'm just saying that this module do have some limitations. Hence, the fact that it is not supporting a whole lot of OAuth solutions in a clear + simple + flexible way. And some breaking changes may be introduced in future updates.

The module is aimed towards having an OAuth solution to block the content of your website behind it (in my opinion). It means that you will usually use a single login solution and then, being able to have access to your app. I don't think that it's a viable multi-OAuth solution (yet).

Some services don't even need to use a solution like this. Stripe for example, should not be handled on the frontend but communicate with a backend for sensitive variables and just send minimal info thanks to Stripe Elements.

That said, the most common solution is JWT or OAuth2, and you could totally have a backend service or service like Okta, Auth0 or alike, do the heavy lifting by allowing simple logins to providers (Github, Google etc...).

To sum up, you do connect to this backend/service thanks to nuxt-auth, the service itself does the provider connection and you get the best of both worlds while still connected in a secure way through your initial nuxt-auth entry point login.

Or you could try to reach the community on Discord, see if somebody knows how to do it. Or even try to read the source code to see if it is currently feasable.

And that's my 2cts.

kissu
  • 40,416
  • 14
  • 65
  • 133
  • would it be possible for you to point me on an example of how to implement plugging the API. – user2779840 Apr 16 '21 at 11:48
  • 1
    You can basically start googling stuff like `twitter Oauth vuejs` if you want to implement it on a per-website. You could also look into [0auth](https://auth0.com/authentication) or [Firebase](https://firebase.google.com/products/auth). It all depends on which ones you want to implement, your knowledge of those tools, if you have any backend and so on. A basic npm package may also be enough. And...I'm not sure if your team needs all of them, so maybe look into making a list of priorities to see what goes first (and if all of those Oauth are needed). – kissu Apr 16 '21 at 14:33