I have two different RedwoodJS apps:
A has a frontend and a backend. Uses dbAuth.
B is frontend only, but queries A’s backend via the graphQL API endpoint for some data. Uses auth0.
Previously, B has only queried data that doesn’t
@requireAuth, but I’m realizing that I do want to be able to make some queries/mutations that do. I have fairly granular permissions set up in my backend, so I don’t want to bypass the redwoodJS auth altogether. Essentially, I want to be logged into A when I log into B.
What are my options to do this? Some possibilities:
- Switch A to auth0. It’s possible that, with the same system of logging in on both, the session data will look identical to the auth setup, so if a user has an account on both,
isAuthenticatedwill work on A if tried from a logged in user on B. But I don’t know if this will work, and don’t want to switch login methods for no reason.
- Copy A’s backend into B, so it will have all the same logic. This requires a LOT of repeated code, so I would like to avoid this if possible.
If anyone can confirm that 1 works, I’ll happily go with that. With there being two different frontends, setting it up as a monorepo doesn’t feel like a good solution. Other than that, I can’t think of any other ways to do this, but would love to hear suggestions.