How can I check if the client is already logged in


#1

How can I check if the client is already logged in?
I checked the cookies and there is oauth2_authentication_csrf and oauth2_consent_csrf. But I don’t know how to use this cookie to check I the client is already logged in.


#2

client or user?


#3

In client side


#4

How can I check if the client is already logged in?

A client can not log in. Do you mean “How can I check if the user is already logged in”? Your question is hard to understand.


#5

Sorry for my bad question. Yes what I mean is How can I “check if the user is already logged in”


#6

Where do you want to check that?


#7

After I logged in and accept the consent, I received this code and token


and got this cookies

Since I already logged in, I want to refresh the page and retain my logged in status. But I don’t know how to check if I already logged in using the cookies I received.


#8

That’s not how this works, follow the documentation: https://www.ory.sh/docs/guides/master/hydra/3-overview/1-oauth2#implementing-a-login--consent-provider


#9

here is my code flow in my login-consent
-> As the user hits the URL (/login)
* SimpleAuth send request to /auth2/auth?client=. . . then It redirect to my login consent with param challenge.
* As the route hits /login my login provider will send request to /auth2/auth/requests/login/{challenge} and check with the data.skip is true or false.
* If true, login provider will accept the login request. If false the login provider will ask the user to login then accept the login request after. Then after the acceptance hydra will redirect to consent provider
* same process with login provider
* As the route hits /consent my consent provider will send request to /auth2/auth/requests/consent/{challenge} and check with the data.skip is true or false.
* If true, consent provider will accept the consent request. If false the consent provider will ask the user to accept the consent and accept the consent request after.

I’ve already followed the login-consent provider flow and every time I tried to re-login the return data.skip value of oauth2/auth/requests/login/{challenge} is false. Am I missing something?.


#10

By the way I’m using meteorJS and I learned that Meteor does not use cookies. Is theres a relation to this why I always get false in data.skip?