I am working on a full stack app. Here’s my current stack.
NextJS frontend (deployed with Netlify)
Express Node REST API (deployed with Heroku)
MySQL DB (ClearDB)
I recently switched to deploying my front end with Netlify because I liked the Netlify Identity feature. I need to add authentication to the front end as well as my API routes and found that Netlify ID made it very easy to implement front end auth. However, I still need to figure out how to add authentication to my API, as I want to gate access to the database.
I want to use Netlify ID to auth my API. My understanding is that means I need my Express app to have access to Netlify ID context in order to consume user access tokens / JWTs. It seems to me that in order to pass that Netlify ID context to my API I have no choice but to use Netlify Functions within my project folder to house my Express app.
Currently my API supports the standard GET, POST, PUT and DELETE methods, so I want to add auth to a handful of these specific functions.
Does this make sense? Please ask any questions to help clarify. I’m at a pivotal point in my dev timeline and want to make the best decision.