What's the name of the cookie used by Convex Auth?

I would like to know what name convex auth uses to keep track of session tokens. I like knowing how tools I use work so I can make modifications at any time. By logging into https://labs.convex.dev/auth-example, I noticed that login state works even when there are no cookies, and later found out that Convex auth uses localStorage by default unless when using @convex-dev/auth/nextjs. Anyways, I have something like the ff in localStorage:
{
theme: "system",
__convexAuthJWT_httpsadmiredsandpiper807convexcloud: "ey...some_JWT_stuff",
__convexAuthRefreshToken_httpsadmiredsandpiper807convexcloud: "some_refresh_token"
}
{
theme: "system",
__convexAuthJWT_httpsadmiredsandpiper807convexcloud: "ey...some_JWT_stuff",
__convexAuthRefreshToken_httpsadmiredsandpiper807convexcloud: "some_refresh_token"
}
1- Is there a documentation for the exact names used for the tokens similar to what Clerk has here: https://clerk.com/docs/deployments/clerk-cookies#strictly-necessary-application-cookies. It is always good to know about the magic done by the library, since I might want to read them and pass them around myself somewhere especially on the server. I know there are certain utilities for Next.js, but I still want to know. (Also, even though the chances of collision with my own set cookie/localstorage values is extremely low, it's not zero.) From the sample above, it's evident that the string is built from the cloud URL with some prefix. 2- Is there a documentation for how to verify such tokens manually similar to what clerk has here https://clerk.com/docs/backend-requests/handling/manual-jwt. 3- Are these names the same for localstorage and cookies (guess this can be answered by 1 above).
3 Replies
ballingt
ballingt5mo ago
These docs will improve some but for now your best bet is the code https://github.com/get-convex/convex-auth
GitHub
GitHub - get-convex/convex-auth: Library for built-in auth
Library for built-in auth. Contribute to get-convex/convex-auth development by creating an account on GitHub.
ballingt
ballingt5mo ago
It's great to hear specific things to document, I'll put them on this list!
Abdulramon Jemil
Abdulramon JemilOP5mo ago
Thanks. Personally, I would like to see the following in the docs: - How the keys used for storage are determined, and how to use them to read tokens manually from their storage source without the library. (Also, the list of the keys) - How to manually validate tokens directly read from the source. - More notes on the configuration of cookies (when cookies are used) e.g. what are the values for samesite, domain, and other necessary ones for the cookies used.

Did you find this page helpful?