Login Customer in Storefront

In this document, you'll learn about the two ways to log in a customer in a storefront.

1. Using a JWT Token

Using the /auth/customer/emailpass API route, you obtain a JSON Web Token (JWT) for the customer. Then, use that token as a bearer token in the authorization header of subsequent requests, and the customer is considered authenticated.

For example:

In the example above, you:

  1. Create a handleLogin function that logs in a customer.
  2. In the function, you obtain a JWT token by sending a request to the /auth/customer/emailpass API route.
  3. You can then use that token in the authorization header of subsequent requests, and the customer is considered authenticated. As an example, you send a request to obtain the customer's details.

2. Using a Cookie Session

Authenticating the customer with a cookie session means the customer is authenticated in subsequent requests that use that cookie.

If you're using the Fetch API, using the credentials: include option ensures that your cookie session is passed in every request.

For example:

In the example above, you:

  1. Create a handleLogin function that logs in a customer.
  2. In the function, you obtain a JWT token by sending a request to the /auth/customer/emailpass API route.
  3. You send a request to the /auth/session API route, passing the token as a Bearer token in the authorization header. This sets the authenticated session ID in the cookies.
  4. You can now send authenticated requests, as long as you include the credentials: include option in your fetch requests. For example, you send a request to retrieve the customer's details.
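
Both login flows described above, written out as an added JavaScript example (it is not the documentation's own snippet). The base URL, the /store/customers/me route, the `{ token }` and `{ customer }` response shapes, the function names, and the injectable `fetchImpl` parameter are assumptions made for illustration.

```javascript
// Added example. Assumptions: BASE_URL, the /store/customers/me route, the
// { token } and { customer } response shapes, and the injectable fetchImpl.
const BASE_URL = "http://localhost:9000"; // assumed local backend address

async function requestJson(fetchImpl, path, options = {}) {
  const res = await fetchImpl(`${BASE_URL}${path}`, {
    ...options,
    headers: { "Content-Type": "application/json", ...options.headers },
  });
  // Fail closed: a rejected login must never fall through to later requests.
  if (!res.ok) throw new Error(`${path} failed with status ${res.status}`);
  return res.json();
}

// Step shared by both flows: exchange credentials for a JWT.
async function getToken(fetchImpl, email, password) {
  const { token } = await requestJson(fetchImpl, "/auth/customer/emailpass", {
    method: "POST",
    body: JSON.stringify({ email, password }),
  });
  if (typeof token !== "string" || !token) throw new Error("no token returned");
  return token;
}

// Flow 1: send the JWT as a bearer token on each request.
async function handleLoginWithJwt(email, password, fetchImpl = fetch) {
  const token = await getToken(fetchImpl, email, password);
  const { customer } = await requestJson(fetchImpl, "/store/customers/me", {
    headers: { Authorization: `Bearer ${token}` },
  });
  return { token, customer };
}

// Flow 2: trade the JWT for a cookie session, then rely on the cookie only.
async function handleLoginWithSession(email, password, fetchImpl = fetch) {
  const token = await getToken(fetchImpl, email, password);
  await requestJson(fetchImpl, "/auth/session", {
    method: "POST",
    credentials: "include", // lets the browser store the session cookie
    headers: { Authorization: `Bearer ${token}` },
  });
  // The token is no longer needed; keep it out of localStorage and logs.
  const { customer } = await requestJson(fetchImpl, "/store/customers/me", {
    credentials: "include", // sends the session cookie with the request
  });
  return customer;
}
```

Depending on your backend version, store routes may also require a publishable API key header, which this example omits.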