Adding JWT to MODX3

I’m circling back to add JWT authentication to my exposed REST services. For reference, I’ve already gone through these resources:

From what I’ve seen so far, the Firebase libraries are quite old and need to be updated to support the changes in version 3.X, as well as to add composer. My question is whether this is a good starting point for creating an authentication layer, or if I should follow another path, such as using Slim along with middleware like this: GitHub - tuupola/slim-jwt-auth: PSR-7 and PSR-15 JWT Authentication Middleware.

My current architecture is MODX as the backend and Vue as the frontend. So far, authentication and authorization work perfectly for pages, but the REST layer is unprotected.

Or am I overcomplicating things? Should I just expose the services as protected resources and use snippets to run my logic?

Can’t you just add some checks (like $this->modx->user->isAuthenticated('web') or $this->modx->user->hasSessionContext('web')) to the verifyAuthentication function in the REST controller?

as I expected I was overcomplicating things, the issue is that I was missing a flag on my axios calls and the auth context wasn’t being sent, but now its working as expected, thanks!

This topic was automatically closed 2 days after discussion ended and a solution was marked. New replies are no longer allowed. You can open a new topic by clicking the link icon below the original post or solution and selecting “+ New Topic”.