Using DevAuth
To make developing your backend easier, we provide a way to simulate authentication without the need for a proxy server. We call this component DevAuth.
You can simulate logins using mail (a password is not necessary), or social login services. After a successful
authentication, you'll be redirected to loqal.host with the port you requested on the login
screen. loqal.host simply points to 127.0.0.1
, but carries
the cookie we need for authentication.
The DevAuth cookie is signed with the HS256 algorithm, but the signing key is fixed
to 00000000000000000000000000000000
!
Sometime DNS servers won't resolve domains that point to 127.0.0.1 to prevent malicious attacks. Have a look at our respective troubleshooting section for more information and ways to resolve this issue.
DevAuth will give you a JWT with the iss claim pointing
to https://login.loqal.host (note, there is no /.q
in the path!). To logout you need to
send the user to https://login.loqal.host/logout, i.e. take the issuer and
append /logout
similarly to the production case.
Our cookie can only be set on the domain loqal.host
, not on localhost
, hence to access your application with a valid
authentication, you need to test your application using the domain loqal.host
.
See the DevAuth Architecture for more information how this is configured.