API token authentication w/ NextAuth
have any of you tried implementing something like this? Wondering if it's time for me to swap to Clerk or Auth0 or another solution or if this will work well enough.
Private API, just provisioning my own tokens to access some privileged endpoints
I've implemented a CredentialsProvider that works well enough, but it feels strange to be doing a cookie-session exchange and passing a (short-lived) cookie with requests, rather than, say, a long-lived Bearer auth token
I'm specifically trying to use the API token auth with edge functions, which require NextAuth as middleware and aren't as easily side-stepped as a normal API function. In those cases I could do simple
if(useSession || validApiToken)
1 Reply
if anyone finds this post later, I ended up implementing a simple edge function middleware for this which checks for my token, then falls back to NextAUth
annoying to have slightly different code for edge functions vs. normal serverless functions but so be it