Using QR codes for auth?
I'm looking at using convex for something that would have auth via QR codes, specifically using the QR codes on mobile/tablet devices as you'd use something like an OIDC flow.
This would be with react as a PWA, and following the https://docs.convex.dev/auth/advanced/custom-auth#client-side-integration (sort of skipping the OIDC part) it seems like really the custom OIDC/JWT provider is just a guide, and really I can go as low level as a function that returns https://docs.convex.dev/api/modules/react#convexproviderwithauth and it's my responsibility to update the dependencies for the array with the
const { isLoading, isAuthenticated, getToken } = useProviderXAuth(); line such that it accurately reflects my login state?5 Replies
Thanks for posting in <#1088161997662724167>.
Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets.
- Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.)
- Use search.convex.dev to search Docs, Stack, and Discord all at once.
- Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI.
- Avoid tagging staff unless specifically instructed.
Thank you!
I get that it's a bit of a convoluted question, so I guess to reduce it:
There's no reason that needs to be OIDC/JWT, I can really have any auth configuration handled outside and those returns are just helpers for the
(Un)Authenticated react components, and the fetchAccessToken just needs to either return and/or refresh the token that will be passed in that context?
Ah no, based on https://docs.convex.dev/api/interfaces/server.UserIdentity it does appear it needs to be a JWT specifically
Another question: https://docs.convex.dev/auth/functions-auth#custom-jwt-auth feels strange, why would it be ["properties.blah"] instead of ["properties"]["blah"]?
just bumpingSorry I dont know a lot about how the auth might work here, @erquhart has been doing a bunch with better auth lately and might be able to help?
The more I dig in the more it seems like i just need to return a JWT from that one function so convex can read claims, but also that additional question at the end is a curiosity since it seems like a very strange choice
I don't know about the second question, but yeah fetchAccessToken has to return a jwt that can be independently verified by the Convex backend against your oidc endpoints or the info you provide via customJwt properties. Sounds like you figured that part out, though.