Skip to content
This repository has been archived by the owner on Mar 22, 2022. It is now read-only.

Support graceful fallback to cookies #45

Closed
ekryski opened this issue Feb 8, 2016 · 1 comment
Closed

Support graceful fallback to cookies #45

ekryski opened this issue Feb 8, 2016 · 1 comment
Milestone
1.0

Comments

@ekryski
Copy link
Member

ekryski commented Feb 8, 2016

Currently when using OAuth, in order to get the JWT we generate back to the client, we shove it in a cookie called feathers-jwt. The client then parses the JWT from the cookie and uses this JWT to authenticate with the API going forward.

In theory, in addition to checking the Authorization header, query sting, or request/socket body we could also check the feathers-jwt cookie to see if it is expired and if not grab the token.

Now that I think about this, this is actually pretty easy and should just be a couple lines added right in this middleware.
@ekryski
Copy link
Member Author

ekryski commented Feb 11, 2016

This is now done in the decoupling branch now. It doesn't support cookies on sockets however...

@ekryski ekryski modified the milestone: 1.0 release Feb 11, 2016
@ekryski ekryski mentioned this issue Feb 12, 2016
Merged
@ekryski ekryski closed this as completed Feb 12, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.0
Development

No branches or pull requests
1 participant
@ekryski