From dbf390caefabe04f7b53f623f1ef44aa833fea4f Mon Sep 17 00:00:00 2001
From: John Shaughnessy
Date: Tue, 26 Jan 2021 10:26:17 -0800
Subject: [PATCH 1/2] Add cookie-based authentication
---
 src/react-components/auth/AuthContext.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/react-components/auth/AuthContext.js b/src/react-components/auth/AuthContext.js
index e5344e785f..89eb805b9b 100644
--- a/src/react-components/auth/AuthContext.js
+++ b/src/react-components/auth/AuthContext.js
@@ -5,7 +5,7 @@ import configs from "../../utils/configs";
 // TODO: We really shouldn't include these dependencies on every page. A dynamic import would work better.
 import jwtDecode from "jwt-decode";
 import AuthChannel from "../../utils/auth-channel";
-import { connectToReticulum } from "../../utils/phoenix-utils";
+import { connectToReticulum, getReticulumFetchUrl } from "../../utils/phoenix-utils";

 export const AuthContext = createContext();

@@ -65,6 +65,12 @@ export function AuthContextProvider({ children, store }) {
 const socket = await connectToReticulum();
 authChannel.setSocket(socket);
 await authChannel.verifyAuthentication(authParams.topic, authParams.token, authParams.payload);
+ await fetch(getReticulumFetchUrl("/api/v1/accounts/set_cookie"), {
+ method: "GET",
+ headers: {
+ authorization: `bearer ${store.state.credentials.token}`
+ }
+ });
 },
 [store]
 );
@@ -74,6 +80,9 @@ export function AuthContextProvider({ children, store }) {
 configs.setIsAdmin(false);
 store.update({ credentials: { token: null, email: null } });
 await store.resetToRandomDefaultAvatar();
+ await fetch(getReticulumFetchUrl("/api/v1/accounts/expire_cookie"), {
+ method: "GET"
+ });
 },
 [store]
 );
From 3c20c46da672a7417e879839498abbce6d86caf7 Mon Sep 17 00:00:00 2001
From: John Shaughnessy
Date: Wed, 24 Feb 2021 09:34:17 -0800
Subject: [PATCH 2/2] Change GET to POST
---
 src/react-components/auth/AuthContext.js | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
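Review bot: The `set_cookie` request added to the sign-in callback (patch 1/2, hunk `@@ -65,6 +65,12 @@`) discards the response, and `fetch` rejects only on network errors, so a 401 or 500 from the server lets the sign-in flow complete with no cookie set and no indication of why. Keep the response and check it, e.g. `const res = await fetch(...);` followed by `if (!res.ok) throw new Error("set_cookie failed");`. The request also runs with the default `credentials: "same-origin"`; if `getReticulumFetchUrl` can resolve to a different origin than the page (its definition is not in this patch), the browser ignores the `Set-Cookie` header unless `credentials: "include"` is passed and the server's CORS policy allows credentials. The `expire_cookie` call in hunk `@@ -74,6 +80,9 @@` and the `fetchReticulumAuthenticated` call that replaces this one in patch 2/2 likewise ignore the result. The enclosing callback starts outside the hunk.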
diff --git a/src/react-components/auth/AuthContext.js b/src/react-components/auth/AuthContext.js
index 89eb805b9b..24d310e228 100644
--- a/src/react-components/auth/AuthContext.js
+++ b/src/react-components/auth/AuthContext.js
@@ -5,7 +5,7 @@ import configs from "../../utils/configs";
 // TODO: We really shouldn't include these dependencies on every page. A dynamic import would work better.
 import jwtDecode from "jwt-decode";
 import AuthChannel from "../../utils/auth-channel";
-import { connectToReticulum, getReticulumFetchUrl } from "../../utils/phoenix-utils";
+import { connectToReticulum, getReticulumFetchUrl, fetchReticulumAuthenticated } from "../../utils/phoenix-utils";

 export const AuthContext = createContext();

@@ -65,12 +65,7 @@ export function AuthContextProvider({ children, store }) {
 const socket = await connectToReticulum();
 authChannel.setSocket(socket);
 await authChannel.verifyAuthentication(authParams.topic, authParams.token, authParams.payload);
- await fetch(getReticulumFetchUrl("/api/v1/accounts/set_cookie"), {
- method: "GET",
- headers: {
- authorization: `bearer ${store.state.credentials.token}`
- }
- });
+ await fetchReticulumAuthenticated("/api/v1/accounts/set_cookie", "POST");
 },
 [store]
 );
@@ -81,7 +76,7 @@ export function AuthContextProvider({ children, store }) {
 store.update({ credentials: { token: null, email: null } });
 await store.resetToRandomDefaultAvatar();
 await fetch(getReticulumFetchUrl("/api/v1/accounts/expire_cookie"), {
- method: "GET"
+ method: "POST"
 });
 },
 [store]
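Review bot: The sign-out request in hunk `@@ -81,7 +76,7 @@` still goes through a bare `fetch` with no `credentials` option, while sign-in was moved to `fetchReticulumAuthenticated` in the hunk above it. By this point `store.update` has already set the token to `null`, so the cookie appears to be the only thing that identifies the session to `expire_cookie`; on a cross-origin API host (not determinable from this patch) the cookie is neither sent nor cleared without `credentials: "include"`, and the UI would show a signed-out user whose cookie is still valid. Consider `{ method: "POST", credentials: "include" }` if the API can be cross-origin, and check `res.ok` on the result so a failed expiry is surfaced instead of silently leaving the cookie in place. The callback starts outside the hunk and its closing `);` is not shown.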