Authentication on different server possible?

waterglobal · January 8, 2022, 3:20pm

I have a use case where I need to have a separate running API server outside of Moralis to issue access tokens. I would like to lock down the API calls on this new server by authenticating the caller of the API via some sort of bearer token and then validating against the existing user in the moralis database.

I couldn’t locate any documentation on whether there’s any bearer token that gets issued by moralis with the user/password authentication workflow. My idea is that I will run a node server and adding in the moralis sdk so I can make either cloud calls or queries to the database to make sure the caller of the API is a valid user in Moralis.

Can someone point me to the right direction? Thanks.

cryptokid · January 8, 2022, 3:24pm

There is the session key from the authentication and you can also connect directly to your server mongo db in order to check that session

waterglobal · January 8, 2022, 3:39pm

@cryptokid is there a function on Moralis SDK to validate the sessionToken? Or would I just query the Session table directly to see if the session_token still exists in the collection?

cryptokid · January 8, 2022, 3:50pm

You will query the table directly

waterglobal · January 8, 2022, 4:02pm

Awesome. always appreciate for your help!