Required Exchange Endpoint.

Identigo implements a request token exchange mechanism. The flow goes like this:

• User clicks login in your client or goes to the login route.
• User is redirected to identigo server's login page for that app.
• User logs in using any means.
• Identigo returns a cookie to the identigo client (not your app yet), this is the user session.
• Identigo redirects the user back the the source client with a request token.
• The client SDK now posts a request token to your server for exchange.
• The app server responds by providing a secure cookie for authenticated requests.

For us to make this possible you need to setup an endpoint on your server to do this. The endpoint can be whatever you like as its configurable in the SDK using the exchangeUrl property in the client SDK.

Example

When the endpoint is hit, you want to do the something like the following, keeping with your chosen frameworks syntax or style:

const { token, cookieOptions } = await this.authService.exchange(
  body.requestToken,
  body.email,
  body.appId
);
if (!token) return res.status(401).send({ error: "Unauthorized" });

res.cookie("token", token, cookieOptions as CookieOptions);
res.send({ access_token: token });

And thats it. Give it a try, after loging in, you should be redirected and see some magic happen.