Reputation: 608
How Auth0 know if I am already logged in?
I'm learning about Auth0. I can't figure out how the Auth0 JS sdk's sliently log the users for Single Page Application? They said tokens are save in memory, which means they don't know who am I when I next time open my browser, isn't it?
In below official document they say:
If the user was already logged in to Auth0 and no other interactive prompts are required, Auth0 will respond exactly as if the user had authenticated manually through the login page
My questions are:
- How they know my email address? (If SDK saves our token in memory)
- How they know I am already logged in? (Do they check their DB)
Upvotes: 0
Views: 788
Answers (2)
Reputation: 424
After logging in Auth0 stores your session in a cookie so it is able to keep verifying if you are still logged in and also check if the cookie is still valid.
Upvotes: 0
Reputation: 28714
Your browser has valid session = Auth0 cookie. That cookie is sent with that authentication request and it will be used to (re)identify you.
Upvotes: 1
Related Questions
- Auth0 withAuthenticationRequired vs isAuthenticated
- How to call Auth0 loginWithRedirect function in React useEffect without button clicking?
- Why my auth0 token expires when refreshing page or clicking link in my Angular app?
- Auth0 Android - How to renew id_token?
- How to protect an Auth0 authenticated REST service from XSRF and Session Hijacking?