I need some help with setting up auth in my Realm app. I have gne through the available docs but they do not have what i am looking for.
I am using Cloudflare Workers for serving the web app (its a simple forum like web app) - with Realm + Atlas for the database and Auth.
My app needs to have Google & Apple as the signin methods.
Based on all that i have read, this is my current understanding of doing auth;
- Add a login button which calls the
logIn(credentials)function from the clientside html/js
- Add a redirect URL with GET method, which should also execute
- This creates the user object in clientside js which contains all the user details.
- I should now save the _stitch_ua (or _baas_ua ??) values to a http_only cookie.
- For any protected resource, in the backend (cloudflare workers) I should get teh token from the cookie and use
var user = await App.logIn(Realm.Credentials.apiKey(token);); var client = user.mongoClient('mongodb-atlas');
to fetch the data.
6. To logout, I should call
.currentUser.logOut(); on the clientside html/js.
Is this overall flow correct?
Can I redirect users on the same page instead of opening a new window?
How do I refresh tokens?