No Auth Login?

Options
Casey whitcher
Casey whitcher Member
in ? Working with APIs

Hey all,

My Authentication works great in Xano, but I'm wasting too much time trying to get it to work on my front end.

I'm trying to create a Faux login (for the sake of an MVP) that will just query the database, and return the user ID information if it's there, or send back a pre-determined user object if it does not exist.

I have a conditional to return an object (not sure if this is the right approach) but it looks like this, and I don't think this is correct?

And on a side note, is there a better way to create a fake login that will carry over the user ID so i can still have user-specific results?


image.png


· Share on Twitter

Answers

  • pete letkeman
    pete letkeman Member
    Options

    Instead of returning an static object as shown in your image.

    I suggest that you look at the default /auth/login Xano end point where it uses the Create Auth Token.

    In your endpoint you can simply return this static auth token which can have a expire date of maybe a month or more from now.

    · Share on Twitter
  • Casey whitcher
    Casey whitcher Member
    Options

    Thanks, Pete, as I mentioned, the default auth/login Xano endpoint works great in Xano, works in my front ends API tool but does not work "consistently" in the actual application.

    I'm sure I could eventually get it working, but I'm pressed for time and since this is just for presentation and not actual production I have other priorities so I need to get something in place that will work consistently since security is not an actual issue as an MVP.

    So, with the solution, I've suggested here, is there a better way to go about this?

    · Share on Twitter
  • pete letkeman
    pete letkeman Member
    Options

    Let's see:

    There are two different endpoints.

    1) auth/login (open to all by default)

    2) auth/me (by default this is secured)

    In auth/me you can have absolutely anything that you want, static or dynamic. This is where you probably want to have the object shown in your initial post. This does take a parameter, but you can override this and do whatever you can do with a regular Xano call.

    In auth/login, you can simply call the create auth token without actually logging into the system. I'd use this to get an auth token even if it's not one you check the validity for or even if you ignore it.

    · Share on Twitter
  • Casey whitcher
    Casey whitcher Member
    Options

    @pete letkeman thanks sorry for not getting back here sooner. I ended up finding what I was doing wrong on the front end app that was not allowing the authentication I had setup to work. I'm good now. was just the requirement for the user_id to be labeled as "id" instead of user_id.

    · Share on Twitter

Categories