How to check authenticated status server side with ionic cloud Auth

I’m evaluating whether to use Ionic’s cloud Auth service and it seems like it’s relatively easy to implement client-side, where you can check this.auth.isAuthenticated. You can also set the user info from the client side as well.

However, if I want to do check their identity server-side, such as check that a user is authenticated when they call my custom api to post a comment - how can I get some sort of token (preferably a JWT token) that I can use to validate their identity server-side? Assuming we are using email/password authentication.

Also - using their send notification on a user’s birthday example, how can I query the user data in ionic cloud’s database to say find all users who have a birthday today. Can I export out the user data in any way if I want to migrate away in the future?

3 Likes

I am interested in this. Also interested in how Ionic Cloud Auth might handle native GoogleAuth server-side authentication. With the cordova plugin, theoretically you can log in with an ‘offline’: ‘true’ option and get an AuthToken that can be traded for an access token on the server side. But that doesn’t seem to be implemented in Ionic Cloud Auth…

I would even settle for Ionic AuthCodes that could then check back in with Ionic Cloud to verify Ionic auth. Then you could ignore all the provider-specific auth flows and just rely on Ionic to verify your user-base.

Any thoughts, @mhartington?

Marc

I’m also interested. For Ionic Auth to be useful, there needs to be some server-side method of validating the user’s JWT.

I can only assume from experimentation the JWT ionic auth provides to the client is signed with a 3rd token as my API token cannot validate the user JWT with any of ‘HS256’, ‘HS384’, ‘HS512’ or ‘RS256’.

The only workaround at present seems to be:

  • Client sends Ionic User ID to server;
  • Server makes GET call to Ionic Auth endpoint;
  • Success returns user details. Fail returns error.

Am I missing some key piece of doco? The only doc I can find seems to be https://docs.ionic.io/api/http.html and the endpoints https://docs.ionic.io/api/endpoints/auth.html

My use case is:

  • Leverage Ionic Auth for Social Provider auth;
  • I do not use Custom Auth;
  • I need to validate Ionic Auth JWT provided to Client on the server as this can be done quickly rather than having to make a call out to Ionic Auth to verify the UID.

I’m trying to get an answer to this also. I made a thread about it; please check if there is an answer there REST Auth with Ionic 2 Token?

I need to validate the ionic user auth in my server api program. I prefer to use JWT too.

However, it seems there’s no response from ionic community for more than 4 months. Does that mean this feature is not supported?

If it’s not supported, I’d have to consider to use Auth0 instead. :frowning: