0

So I know there's several SDK packages for many languages available for nHost, however I need to create my own interface to the system since the language I'll be using isn't typical.

I basically just need to know how to interact with authentication endpoints, send a users un/pw and recieve a JWT token. I've been successfully able to do this with aws Cognito, but I'd like to explore this instead.

I'm also not sure if I'm using the right base url, here's my thought so far:

https://kbvlufgpikkxbfkzkbeg.nhost.run/auth/login

So I would POST to there with some json in the body with the un/pw stuff, and the response should be the jwt token right?

I get a "resource does not exist" response from the above, however, so obviously I'm not forming the url correctly in the first place.

Thanks for the help!

Raul Nohea Goodness
  • 2,549
  • 23
  • 24
wizard_draziw
  • 505
  • 1
  • 5
  • 17

1 Answers1

1

Nhost supports multiple sign-on methods.

For example, using the email+password method, you would send:

POST https://xxxxxxxxxxxxx.nhost.run/v1/auth/signin/email-password {"email":"foo@example.com","password":"bar"}

and the response:

{
    "session": {
        "accessToken": "somejwt....",
        "accessTokenExpiresIn": 900,
        "refreshToken": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
        "user": {
            "id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "createdAt": "2022-09-17T19:13:15.440221+00:00",
            "displayName": "foo@example.com",
            "avatarUrl": "",
            "locale": "en",
            "email": "foo@example.com",
            "isAnonymous": false,
            "defaultRole": "user",
            "metadata": {},
            "emailVerified": true,
            "phoneNumber": null,
            "phoneNumberVerified": false,
            "activeMfaType": null,
            "roles": [
                "user",
                "me"
            ]
        }
    },
    "mfa": null
}

The JWT is short-term, when it expires, the refresh token is used to get a new one.

The Nhost JavaScript SDK handles it automatically for you, that's a big benefit to the platform (in addition to being integrated with Hasura). If you are trying to port it to another unsupported language, you'd have to reimplement it. Probably by reading the library and/or running one of their sample client application and reverse-engineering the HTTP over the wire.

Raul Nohea Goodness
  • 2,549
  • 23
  • 24