andiputraw
andiputraw
PostsComments
KKinde
Created by andiputraw on 2/9/2024 in #💻┃support
Server Side authentication
Hello, i have a bit problem using kinde i probably just too dumb to understand how kinde work in general. TLDR: how to check the user logged in using authrozation code flow using typescript SDK. for the tech stack i am using deno fresh https://fresh.deno.dev . with typescript SDK so based on this https://kinde.com/docs/developer-tools/typescript-sdk/ and https://kinde.com/docs/developer-tools/using-kinde-without-an-sdk/#supported-grant-types-for-getting-access-tokens . it is said that if the page is rendered by server, it is better to use Authorization Code Flow. and that is what i do here. to make the server stateless. i am putting the session based on encrpted cookie. 
class KindeSession implements SessionManager {
  session: Session<string, string>;
  constructor(ctx: FreshContext) {
    this.session = ctx.state.session as Session<string, string>;
  }
  async getSessionItem(key: string) {
    const data = this.session.get(key);
    console.log("Getting data ", key, " ", data);
    return data;
  }
  async setSessionItem(key: string, value: unknown) {
    console.log(`Settting Session ${key} ${value}`);
    this.session.set(key, value as string);
  }
  async removeSessionItem(key: string) {
    console.log(`Removing Session ${key} `);
    this.session.delete(key);
  }
  async destroySession() {
    this.session.destroy();
  }
}
class KindeSession implements SessionManager {
  session: Session<string, string>;
  constructor(ctx: FreshContext) {
    this.session = ctx.state.session as Session<string, string>;
  }
  async getSessionItem(key: string) {
    const data = this.session.get(key);
    console.log("Getting data ", key, " ", data);
    return data;
  }
  async setSessionItem(key: string, value: unknown) {
    console.log(`Settting Session ${key} ${value}`);
    this.session.set(key, value as string);
  }
  async removeSessionItem(key: string) {
    console.log(`Removing Session ${key} `);
    this.session.delete(key);
  }
  async destroySession() {
    this.session.destroy();
  }
}
however, based on https://kinde.com/docs/developer-tools/typescript-sdk/#check-if-user-is-authenticated. client.isAuthenticated(sessionManager) is only available on PKCE flow. so then, how can i know if the user is authenticated or not, as far as i know, after login() is invoked, it tried to set ac-set-key or acwpf-state-key if using PKCE flow to the session. and isAuthenticated() expect access_token to available in the session. which is i think is not related at all.
8 replies