Open steve-chavez opened 5 years ago
Has there been any more work on this? Is a proxy server still mandatory, or can postgrest be configured to use a cookie header for its JWT?
I am pretty confident I can change the /login endpoint to respond with a set-cookie header to store the JWT; once I've done that how do I ensure the rest of the endpoints in postgrest are checking the cookie header for a JWT?
Use the snippet in https://github.com/PostgREST/postgrest/issues/773#issuecomment-275602759