Headless CMS: Accepting / Reading Subscribe-Invite Token from Magic-Link Email

Hi there,

I’m currently still on my build for a Headless CMS using NextJS, where both frontend + backend is using two different server instances/URL domains.

  • NextJS Frontend: https://example.com
  • Ghost Backend: https://backend.example.com

After a number of attempts, I was successful at building in a Magic-link send function to enable the Subscribe function, which requires the need to use the Ghost Backend URL to make the magic-link request.

Now, comes the part where a New Subscriber attempts to click on the email link, which includes a token + action variable, which actually sends to my NextJS Frontend for authentication of the legitimate magic-email being sent.

As the link is based on https://example.com/members/..., which means I have to now build a /member/ API-reader on the frontend to read the token of the URL. Thus, I am now stuck with the type of JWT Token to decrypt and authenticate this legitimate New Subscriber Email.

  • Should Call >> Ghost Backend: https://backend.example.com/members/...
  • Instead Of Calling >> NextJS Frontend: https://example.com/members/...

I’ve attempted to look through Ghost’s files here, here and here, to try to find a way I can either:

  • (a) call an API-Link to verify the token, or
  • (b) to self-build the verification module on my frontend,

but was both unsuccessful.

I also do understand that *Memberships* is not an existing functioning API library for the public to tap on at the moment, but it is only my attempt to add new subscribers to my Ghost mailing list, which is sufficient for me at the moment.

Hope someone can help me with a potential solution or redirect me to a resource that I can try to look at to resolve this. Thank you!

NextJS: v12.0.3
Ghost: v4.22.1