casdoor / casdoor-python-sdk

Python client SDK for Casdoor
https://pypi.org/project/casdoor
Apache License 2.0

best practise for fastapi - session related #40

Closed mr-m0nst3r closed 1 year ago

mr-m0nst3r commented 1 year ago

Hi guys,

I'm using fastapi.

There's a get-account endpoint in the example backend, which is checking whether there's a session accordingly. When the user just visited the website, I saw a cookie for localhost: casdoor_session_id: 849561b2b7b07a6fd0e24cce6e0850b6

So FastAPI receives this cookie and no other info when the frontend app sends get-account requests.

My question is: is there any way to verify whether the casdoor_session_id is valid or not, or to get the logged-on user? Then I don't have to use sessions in FastAPI, and can let Casdoor manage sessions for me.

Thanks in advance.

casbin-bot commented 1 year ago

@seriouszyx @ComradeProgrammer @Resulte

hsluoyz commented 1 year ago

@mr-m0nst3r casdoor_session_id is the cookie name from Casdoor, not your application. When your frontend has the valid casdoor_session_id cookie, it means it's already logged in to Casdoor. So calling the get-account API against Casdoor will give you the user info.

If you don't want to maintain session states in your application backend, your frontend needs to talk directly with the Casdoor backend by calling the get-account API against Casdoor via AJAX calls.
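
The frontend-to-Casdoor call described in the reply above, as an added example that is not part of the thread or of the Casdoor project's code. The `/api/get-account` path, the `{status, msg, data}` response envelope and the Casdoor origin `http://localhost:8000` are assumptions not stated on this page.

```javascript
// Added example, not Casdoor project code. Assumed: the /api/get-account path,
// the {status, msg, data} response envelope, and the placeholder origin below.
const CASDOOR_ORIGIN = "http://localhost:8000"; // placeholder Casdoor address

// Build the cross-origin request. credentials: "include" is what makes the
// browser attach the casdoor_session_id cookie it holds for the Casdoor origin;
// the application never reads or forwards the cookie value itself.
function buildGetAccountRequest(casdoorOrigin) {
  const url = new URL("/api/get-account", casdoorOrigin);
  return { url: url.toString(), init: { method: "GET", credentials: "include" } };
}

// Interpret the response body: return the user object when Casdoor reports a
// logged-in session, otherwise null (missing, expired or invalid session).
function parseGetAccountResponse(body) {
  if (!body || typeof body !== "object") return null;
  if (body.status !== "ok") return null;
  if (!body.data || typeof body.data !== "object") return null;
  return body.data;
}

// fetchImpl is injectable so the function can be exercised without a network.
async function getCasdoorAccount(casdoorOrigin = CASDOOR_ORIGIN,
                                 fetchImpl = globalThis.fetch) {
  const { url, init } = buildGetAccountRequest(casdoorOrigin);
  let response;
  try {
    response = await fetchImpl(url, init);
  } catch (err) {
    return null; // network or CORS failure: treat as not logged in
  }
  if (!response.ok) return null;
  try {
    return parseGetAccountResponse(await response.json());
  } catch (err) {
    return null; // body was not JSON
  }
}
```

The browser only exposes the response to the page if the Casdoor server's CORS policy allows credentialed requests from the frontend's origin.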