Greetings,
Due to Netlify identity fading out, I’m trying to create a test environment for Auth0. I created a sample website to test if I could implement the same features using Auth0. I set up Auth0 to produce the nf_jwt cookie with the required fields for authorisation and hash, as follows.
{
  "alg": "HS256",
  "typ": "JWT"
}
{
  "id": "some id",
  "exp": 1602522810,
  "app_metadata": {
    "authorization": {
      "roles": ["admin", "editor"]
    }
  },
  "iat": 1607022935
}
I’m also testing the rule below, which works on my production website with Netlify Identity:
/posts/* /posts/:splat 200! Role=authenticated
/posts/* / 302!
Here is the issue: the Netlify server is not redirecting it. When I debug using netlify-cli, I get a few strange things. The first is that the function that does the redirect on the server (/node_modules/netlify-cli/dist/utils/proxy.js>serveRedirect) is getting the wrong required user role from the redirect rule:
Another issue is that even if I modify it to the correct expected role, the JWT check passes, but the redirect still redirects as if I’m not authenticated.
What am I missing here? Am I looking at the wrong bit of code? BTW, I tried to debug the production website locally to see the Netlify Identity default behavior and got this same weird result.
Website: auth0insighttest.netlify.app
Here is the match object with the rule:
match
{proxyHeaders: {…}, from: '/posts/*', to: '/', host: '', scheme: '', …}
conditions = {}
exceptions = {JWT: 'app_metadata.authorization.roles:authenticated'}
force = true
from = '/posts/*'
host = ''
negative = true
proxyHeaders = {}
scheme = ''
status = 302
to = '/'
Edit: Changed force to true on the match object; I had pasted a different one that I was debugging at the moment.
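
As an added example (not part of the original post, and not Netlify's or netlify-cli's code), the checks a role-gated rule implies can be run by hand against an nf_jwt payload: HS256 signature, `exp`, and presence of the role at the claim path shown in the match object. The secret and function names are constructed, and reading `path:role` as "the array at that path contains the role" is an assumption.

```javascript
// Added example: constructed secret, token and helper names; not Netlify's code.
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Build an HS256 token (used only to create the constructed sample below).
function signHS256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Return the reasons a token fails a condition such as
// 'app_metadata.authorization.roles:authenticated' (empty array = passes).
function checkRoleToken(token, secret, condition, nowSec) {
  const parts = token.split('.');
  if (parts.length !== 3) return ['malformed'];
  const [head, body, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch { return ['malformed']; }
  // Pin the algorithm instead of trusting whatever the header says.
  if (header.alg !== 'HS256') return ['unexpected alg'];
  const expected = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return ['bad signature'];
  }
  const problems = [];
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) problems.push('expired');
  const [path, role] = condition.split(':');
  const roles = path.split('.').reduce((o, k) => (o == null ? undefined : o[k]), claims);
  if (!Array.isArray(roles) || !roles.includes(role)) problems.push(`missing role ${role}`);
  return problems;
}

// Constructed sample: the payload values as written in the post, signed with a made-up secret.
const SECRET = 'constructed-test-secret';
const samplePayload = {
  id: 'some id', exp: 1602522810,
  app_metadata: { authorization: { roles: ['admin', 'editor'] } },
  iat: 1607022935,
};
const sampleToken = signHS256(samplePayload, SECRET);
console.log(checkRoleToken(sampleToken, SECRET, 'app_metadata.authorization.roles:authenticated', samplePayload.iat));
```

Evaluated at its own `iat`, the payload as written fails both the expiry check and the role check, so either one is worth ruling out before debugging the proxy code.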