exotic-emerald15mo ago


hi I understand that in the login page (which you use google auth) you use JWT and make tokens then send the token to the login function in the authProvider, the thing is that to verify token I need to decode the token with my own secret-key the secret-key must be the same also when we code the token (encryption and decryption) so where I can find the secret key that you choosed and change it to another one ? thank you
4 Replies
kapa.ai15mo ago
Hi @Deleted User. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
kapa.ai15mo ago
---------------------- Hmm, I don't know enough to give you a confident answer yet. However, you can refer to the refine documentation and examples for more information on authentication and customizing the login process: - Google Auth Example (https://refine.dev/docs/examples/auth-provider/google-auth) - Auth0 Example (https://refine.dev/docs/advanced-tutorials/auth/auth0) - Custom Login Page Example (https://refine.dev/docs/examples/customization/customLogin) These examples might help you understand how to implement and customize authentication in refine. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------
Google Auth | refine
You can use Google Login to control access and provide identity for your app. This example will guide you through how to connect Google Login into your project using refine.
Auth0 Login | refine
Auth0 is a flexible, drop-in solution for adding authentication and authorization services to your applications. Your team and organization can avoid the cost, time, and risk that comes with building your own solution to authenticate and authorize users. You can check the Auth0 document for details.
Custom Login Page | refine
With refine, you may customize your Login pages to match your own case and demands. You can also manage your Custom Login Page with refine's Auth Provider hooks. This example explains how to create a basic custom login page.
kapa.ai15mo ago
<@1073419683014922323> kapa.ai is still learning and improving, please let us how it did by reacting below
flat-fuchsia15mo ago
when you create JWT, you need to provide secret key. but i quite not understand to question. as far i know, JWT decode does not require secret key.
secret key is used to signature verification. you can access information inside JWT without secret key. we cannot verify JWT created by google, google should verify that with clientId. but ofc we can decode it The short answer is that JWT doesn't concern itself with encryption. It cares about validation and validation requires secret-key and secret-key can be any value