Integrating Memberstack with Custom Scripts: Supporting Frontend and OAuth Logins
Hello Memberstack community!
I'm working on integrating Memberstack into a custom application, and I need some guidance on implementing a flexible authentication system that supports both Memberstack's frontend login and traditional OAuth flow, all while maintaining a single session. Here are my specific questions:
## 1. Dual Login Support
How can I implement a system that allows users to log in via:
a) Memberstack's frontend login (using Memberstack DOM)
b) Traditional OAuth flow with server-side handling through Memberstack OAuth provider.
What's the best practice for managing these two login methods in parallel?
## 2. Session Management
Once a user is authenticated (through either method), how can I create and manage a single, unified session? Specifically:
- How do I store the Memberstack token securely?
- How can I verify the token's validity on subsequent requests?
- What's the recommended approach for session duration and renewal?
## 3. Server-Side Token Verification
For the frontend login method, what's the correct way to verify the token on the server-side? Is there a specific API endpoint or SDK method for this?
## 4. OAuth Flow Implementation
For the traditional OAuth flow:
- What's the correct authorization URL to use?
- How do I exchange the authorization code for an access token?
- Are there any specific considerations when implementing this alongside the frontend login method?
## 5. User Data Consistency
How can I ensure that user data remains consistent between the two login methods? Are there any pitfalls to watch out for?
## 7. Edge Cases
What are some common errors or edge cases I should be prepared for when supporting both login methods? How should these be handled?
## 8. Example Code or Boilerplate
Does Memberstack provide any example code or boilerplate for implementing this kind of dual-login system with custom backend integration?
UPD:
I imagine a flow like this.
Thank you in advance for any insights or guidance you can provide!
Comments
Hi Anton,
Your outlined flow looks solid!
When having two sites sharing a Memberstack app, the biggest thing to get right is the redirects. All the redirects have to be the same. This is why we don't recommend customers do this. The dual sites approach is mostly for testing purposes when all the redirects can be the same. Being logged into both sites at the same time usually doesn't work because the login is made on the domain.
Please note that if you're using Webflow, all the server-side setup won't work.