I’m circling back to add JWT authentication to my exposed REST services. For reference, I’ve already gone through these resources:
- GitHub - lokamaya/modJWT: A MODx extra to work with JWT (JSON Web Token) based on Firebase/JWT.
- ModJWT: Working with JSON Web Token (JWT) on MODx - #8 by zurie
From what I’ve seen so far, the Firebase libraries are quite old and need to be updated to support the changes in version 3.X, as well as to add composer. My question is whether this is a good starting point for creating an authentication layer, or if I should follow another path, such as using Slim along with middleware like this: GitHub - tuupola/slim-jwt-auth: PSR-7 and PSR-15 JWT Authentication Middleware.
My current architecture is MODX as the backend and Vue as the frontend. So far, authentication and authorization work perfectly for pages, but the REST layer is unprotected.
Or am I overcomplicating things? Should I just expose the services as protected resources and use snippets to run my logic?