I am developing stateless APIs and authenticating using JWT and Passport, but currently I want to add "login with Twitter" and maybe Discord too. The problem is that they all use sessions for authentication, while I do not have sessions in my app.
I was thinking about redirecting the user to log in at Twitter and saving his "TwitterId" in my DB. Then each time I would just check the returned "TwitterId"; if it's okay, I can sign a JWT token and return it to the user so he can use it in calling the other APIs, the same as I do in regular logins.
I am having a lot of problems doing that, as I do not know much about sessions, and I have tried some packages like passport-twitter and login-with-twitter, but I cannot make them work the way I want.
If anyone has done that before, please provide some guidance.
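
An added example, not part of the original question and not code from Passport or either package named above: a session-free sketch of the flow described in the question, in which a confirmed provider ID is mapped to a local user and exchanged for a JWT. It assumes an OAuth 2.0 style redirect that echoes back a `state` parameter; the function names, demo keys and in-memory `users` map are hypothetical.

```javascript
// Added example (not from the original post); uses only Node's built-in crypto.
const crypto = require('crypto');

// Assumption: constructed demo keys; real keys come from configuration.
const STATE_KEY = 'constructed-state-key';
const JWT_KEY = 'constructed-jwt-key';

const b64u = (s) => Buffer.from(s).toString('base64url');
const hmac = (key, data) => crypto.createHmac('sha256', key).update(data).digest('base64url');
const sameSig = (a, b) => {
  const x = Buffer.from(String(a)), y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
};

// Before redirecting: the nonce goes into a short-lived HttpOnly cookie, the
// state goes into the provider URL. Nothing is stored on the server.
function startLogin(now = Date.now(), ttlMs = 5 * 60 * 1000) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const exp = String(now + ttlMs);
  return { nonce, state: `${exp}.${hmac(STATE_KEY, `${exp}.${nonce}`)}` };
}

// On the callback: the state must be unexpired and bound to this browser's cookie.
function checkState(state, nonce, now = Date.now()) {
  const [exp, sig] = String(state).split('.');
  if (!exp || !sig || !nonce) return false;
  return sameSig(sig, hmac(STATE_KEY, `${exp}.${nonce}`)) && Number(exp) > now;
}

// Mint a short-lived HS256 JWT for the local user id.
function issueJwt(userId, now = Date.now(), ttlSec = 900) {
  const iat = Math.floor(now / 1000);
  const head = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64u(JSON.stringify({ sub: String(userId), iat, exp: iat + ttlSec }));
  return `${head}.${body}.${hmac(JWT_KEY, `${head}.${body}`)}`;
}

const users = new Map(); // stand-in for the DB: "provider:id" -> local user id

// Called once the provider has confirmed which account logged in
// (providerId comes from the provider's API response, never from the client).
function finishLogin(state, nonce, provider, providerId, now = Date.now()) {
  if (!checkState(state, nonce, now)) throw new Error('invalid or expired state');
  const key = `${provider}:${providerId}`;
  if (!users.has(key)) users.set(key, users.size + 1);
  return issueJwt(users.get(key), now);
}
```

Binding the signed `state` to a per-browser cookie nonce is what keeps a `state` obtained in one browser from being accepted in another, which a signature alone would not prevent.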