Best way to validate user session in my own node.js backend (next.js)

marioo06 · December 28, 2022, 3:14am

I’ve just set up the login on in react.js frontend app. I want to use my own node.js backend to expose specific API. What is the best way to pass the moralis session to my own backend and validate the it there?

cryptokid · May 22, 2022, 1:50pm

Hi, first step is to send the session, then you can use master key to read the session from the database and validate it.

Here is an example that does that:

github.com

gen02-dev/next-js-moralis-demo/blob/main/pages/api/secret.ts

import Moralis from "moralis/node";
import type { NextApiRequest, NextApiResponse } from "next";

export default async function handler(
  req: NextApiRequest,
  res: NextApiResponse<any>
) {
  if (req.method === "POST") {
    try {
      // Initialize Moralis
      await Moralis.start({
        appId: process.env.MORALIS_APP_ID,
        serverUrl: process.env.MORALIS_SERVER_URL,
        masterKey: process.env.MORALIS_MASTER_KEY,
      });

      // Query Session From DB
      const query = new Moralis.Query("_Session");
      const { sessionToken } = req.body;
      query.include("user");

This file has been truncated. show original