Shared Authentication Mechanism for Next JS and WordPress WooCommerce

• 

  himanshugabhane · Member · Sep 18, 2024 at 7:14 am

  • Copy link
  • Add topic to favorites

  Hello everyone,

  I’m working on an e-commerce website for a jewellery shop using WordPress and WooCommerce. The website includes a product customization feature for necklaces and bracelets, redirecting users to a Next.js app where they can customize the product in a 3D view using React Three Fiber. Here’s how my setup works:

  1. Users browse products on the WordPress WooCommerce site.
  2. When they click “Customize,” they are redirected to a Next.js link for customization.
  3. I’m using the JWT Authentication Token Plugin in WordPress to manage user authentication.
  4. The REST API in WordPress and Next.js handles interactions between the sites.

  The challenge I’m facing:

  I need to check if the user is logged into the WordPress site before allowing them to proceed with customization. For security reasons, I don’t want to pass the JWT token via the URL. Instead, I would like to store the token in a cookie in WordPress and access that cookie from my Next.js site to validate the user session. My questions:

  1. How can I securely store the JWT token in a WordPress cookie and ensure it is accessible in my Next.js app (without passing the token via the URL)?
  2. Once the token is stored in the cookie, how can I access it server-side in my Next.js app to validate the token using the WordPress REST API?
  3. What would be the best practices for securely handling this cross-domain token sharing (since both WordPress and Next.js are under the same root domain)?
  4. Are there any other recommended approaches or plugins to handle this kind of JWT authentication between WordPress and Next.js?

  Setup Details:

  • WordPress WooCommerce for e-commerce functionality.
  • JWT Authentication Token Plugin for user login.
  • Next.js for product customization with React Three Fiber.
  • REST API for communication between WordPress and Next.js.

  I’ve already looked through some documentation and videos but haven’t found a reliable solution for this particular case. Any help or advice would be greatly appreciated!

  Thank you!

• 

  caimin · Staff · Sep 18, 2024 at 12:31 pm

  • Copy link

  Interesting project! Although this is beyond our scope of support, there may be some advice other users are able to give.
  
  You may also want to check out the WordPress Development hub of Stack Exchange as there are some knowledgable folks over there.