search

OpenTechStrategies / SimpleBook

A fork of the Collection Extension to print books from MediaWiki instances
1 stars 1 forks source link

Shift to node-native authentication #11

Closed slifty closed 3 years ago

slifty commented 3 years ago

The current node worker does the following in order to load a wiki page:

  1. Invoke get-cookies.sh which (A) makes an API call to get a token and (B) makes a second API call to log in, storing the resulting cookies into a cookies.jar file

  2. Invoke puppeteer, passing the cookies.jar file so that it maintains the session.

I'm concerned that this might result in a race condition in which two users from the same wiki making calls could potentially overwrite the authentication cookie for a given domain. I also think there is value in trying to keep the curl logic inside of node (instead of a separate shell file / process).

Node has libraries like superagent and node-fetch which can make curl-like calls and superagent has built in support for cookies. The question is whether I can pass the superagent cookie store to puppeteer or not.

If it's possible to create a common cookie store used by both superagent (or equivalent) and puppeteer, then I would like to replace get-cookies.sh with pure node.

slifty commented 3 years ago

This is a library used for cookie management in node: https://www.npmjs.com/package/tough-cookie

slifty commented 3 years ago

In fact... maybe I should just be using puppeteer for the entire flow? I'm not sure if there was a reason not to use puppeteer to script the initial authentication to begin with, but I'm going to try that first, actually.

slifty commented 3 years ago

Node now handles authentication / doesn't accept cookie stores -- the next step is to update the python call and this issue will be resolved.

slifty commented 3 years ago

The python call was, in fact, updated