The Swoop Developer Hub - Password Free Authentication

Welcome to the Swoop developer hub. You'll find comprehensive guides and documentation to help you start working with Swoop as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

When you receive an id_token from Swoop, it is important to verify the token against your CLIENT_SECRET to ensure that it is valid and hasn't been tampered with.

Here is how to validate JWT's in node.

Install the jsonwebtoken Library

npm install --save jsonwebtoken

Import The Library

const jwt = require('jsonwebtoken')

Verify The Token

app.post('/loginWithSwoop', (req, res) => {
  // Normally CLIENT_SECRET should be stored in an environment variable
  // and accessed via process.env.CLIENT_SECRET
  let secret = 'CLIENT_SECRET';
  let document;
  
  try {
    // Verify the JWT
    document = jwt.verify(req.body.swoopToken, secret);
  } catch(e) {
    res.redirect('/error');
  }

  // Look up your user
  let user = await User.findOne({email: document.email});
  // "Login" your user
  req.session.user = user;
  // Redirect to their account
  res.redirect('/account');
})

Updated 28 days ago


Node


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.