search

acquia / waterwheel.js

A generic JavaScript helper library to query and manipulate Drupal 8 via core REST and JSON API
https://github.com/acquia/waterwheel.js
233 stars 26 forks source link

any custom workaround example for cookie auth? #37

Closed chriscalip closed 7 years ago

chriscalip commented 7 years ago

I have a javascript single page application (e.g appjs/sample-app.html) inside a drupal site. 

docroot/
  .. drupal is here
  appjs/sample-app.html

I would like to make use of existing php session or cookie in play already for use in the sample-app.html and use that for the waterwheel api object.. Has anyone encountered this before?

infiniteluke commented 7 years ago

Moving that html file into the theme layer should fix the issue for you. const waterwheel = new window.Waterwheel(window.location.origin, null, resources); will allow you to use cookie auth. @chriscalip

mattgrill commented 7 years ago

@chriscalip Right now, we don't have any plans to really support cookie auth. The auth token cookies are marked as HttpOnly; we can't really tell if there is one present. Potentially we could offer some configuration option that lets waterwheel know we are expecting cookie-auth, but that would breakdown if we use it on the server.

We just released, #39 which removes basic auth completely (bad idea to begin with) and adds support for OAuth Bearer tokens. Going forward, this is our suggested authentication method.