Closed JohnamLane closed 1 year ago
Should use the 2 default packages in the Vue ecosystem.
https://vueuse.org/integrations/useCookies (Vue3 Apps)
https://nuxt.com/docs/api/composables/use-cookie (Nuxt3 Apps)
Drop localstorage
Put refresh token in httpOnly Cookie
Bearer token in memory
Bring in as part of our OIDC review.
Patrick said we're not doing the cookie right now, he's going to rework namerequest so it doesn't rely on the session storage. Moving this out of the sprint, we can address this later.
We want to do this for nameRequest NR information.
Domain=.bcregistry.gov.bc.ca
This is what happens currently:
Would require changes in auth-web and namerequest
https://github.com/bcgov/sbc-auth https://github.com/bcgov/namerequest
~Patrick said we're not doing the cookie right now, he's going to rework namerequest so it doesn't rely on the session storage. Moving this out of the sprint, we can address this later.~
We want to do this for nameRequest NR information.
Domain=.bcregistry.gov.bc.ca
This is what happens currently:
Would require changes in auth-web and namerequest
https://github.com/bcgov/sbc-auth https://github.com/bcgov/namerequest
I rework the namerequest, namex api and auth api. So it doesn't rely on the session storage.
Closing for now.
In order to prevent issues with our new URLs, AUTH WEB must be converted to use cookies vs session state.
Considerations: