Login with JWT

Please fill in the JWT login in Neeto form if you would like to request a JWT-based login for your workspace. Alternatively, you can also send your request to [email protected].

Architecture

  1. The user clicks on a button "Go to NeetoCal", which should be a route in the client's server. Let's assume that the button link was /oliver-smith/neeto-cal.

  2. The server verifies that the current user is logged in. Perform any other authorization steps here.

  3. The server generates the login URL using the neeto-jwt client. Redirect the request to this login URL. The client will also ask you to pass the redirect URL. The redirect URL should be the URL to which the user is redirected after a successful authentication. Let this be a NeetoCal URL.

  4. If the user was previously logged into this workspace, the user will be directly redirected to NeetoCal.

  5. Otherwise, NeetoAuth decodes the JWT and verifies that all the claims are valid. If verification fails, the user will be taken back to the Neeto login screen.

  6. On a successful verification, the request will be redirected to a callback URL, which performs the authentication.

  7. Once authenticated, the request will be redirected to NeetoCal.

  8. Internally, the doorkeeper will exchange the access tokens with NeetoCal.

Assumptions

  • You have already created a Neeto workspace and invited all your team members using the same email addresses with which they have accounts in your product. Neeto will not sign up a user if the email is not part of the workspace.

neeto-jwt client

neeto-jwt is a public monorepo, which contains neeto-jwt clients in different programming languages. If you need further changes to the client, feel free to reach out to us at [email protected]. Your direct contributions to the repository will also be considered.

Integration in a Node.js project

  • Once your request for enabling JWT login is approved, we shall share a private key with you. It is crucial that you do not share the private key with anyone.

  • Similar to the above architecture, you should create a separate route to handle requests to Neeto. The route should verify that only authorized users can perform a login to Neeto.

  • Follow the steps mentioned in the neeto-jwt JS client to generate the login URL. The redirect URL should be the URL to which the user is redirected after a successful authentication.

  • Redirect the user to the login URL.

  • A login URL is one-time use. You should generate a new login URL each time the user visits the route.

You may refer to the Neeto JWT integration PR if you need an example to work on.
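
The route described in the steps above, sketched as an added example that is not part of the original page and is not the neeto-jwt client's code. Assumptions: `signLoginToken` and `handleGoToNeeto` are hypothetical names, the RS256 algorithm, the 60-second expiry, the `email`/`iat`/`exp`/`jti` claims, the `jwt` and `redirect_uri` parameters and the `.example` hosts are placeholders, and the key pair is constructed for the demo.

```javascript
const nodeCrypto = require("node:crypto");

// Constructed key pair for the demo. In a real integration the private key
// is the one Neeto shares with you, loaded from a secret store.
const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync("rsa", {
  modulusLength: 2048,
});

// Assumptions: placeholder hosts, login path, parameter and claim names.
const LOGIN_ENDPOINT = "https://workspace.neetoauth.example/jwt-login";
const ALLOWED_REDIRECT_HOSTS = new Set(["workspace.neetocal.example"]);

const b64url = (text) => Buffer.from(text).toString("base64url");

// Hypothetical stand-in for the neeto-jwt client: signs a short-lived RS256
// token with a fresh jti, so every call yields a different login URL.
function signLoginToken(email, key, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }));
  const claims = { email, iat: now, exp: now + 60, jti: nodeCrypto.randomUUID() };
  const signingInput = `${header}.${b64url(JSON.stringify(claims))}`;
  const signature = nodeCrypto.sign("sha256", Buffer.from(signingInput), key);
  return `${signingInput}.${signature.toString("base64url")}`;
}

// Route logic: returns the response the route should send.
function handleGoToNeeto(session, redirectUrl, key = privateKey) {
  // Only a logged-in user may obtain a login URL.
  if (!session || !session.userEmail) return { status: 401 };

  // Accept only https redirect targets on the expected Neeto host.
  let target;
  try {
    target = new URL(redirectUrl);
  } catch {
    return { status: 400 };
  }
  if (target.protocol !== "https:" || !ALLOWED_REDIRECT_HOSTS.has(target.host)) {
    return { status: 400 };
  }

  // Build a new login URL on every visit; never cache or reuse one.
  const login = new URL(LOGIN_ENDPOINT);
  login.searchParams.set("jwt", signLoginToken(session.userEmail, key));
  login.searchParams.set("redirect_uri", target.toString());
  return { status: 302, location: login.toString() };
}
```

Taking the email from the server-side session rather than from request input keeps the signed identity tied to the user your application has already authenticated.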