search

firebase / php-jwt

PHP package for JWT
BSD 3-Clause "New" or "Revised" License
9.3k stars 1.26k forks source link

Is there way way to load the token from Cookie? #545

Closed russmenum closed 1 month ago

russmenum commented 8 months ago

in src/Controller/AppController.php

$this->loadComponent('Auth', [
            'storage' => 'Memory',
            'authenticate' => [
                'Form' => [
                    'scope' => ['Users.active' => 1]
                ],
                'ADmad/JwtAuth.Jwt' => [
                    'parameter' => 'token',
                    'userModel' => 'Users',
                    'scope' => ['Users.active' => 1],
                    'fields' => [
                        'username' => 'id'
                    ],
                    'queryDatasource' => true
                ]
            ],
            'unauthorizedRedirect' => false,//meed to == ?true for CAKELOG IN? ELSE == ?FALSE
            'checkAuthIn' => 'Controller.initialize'
        ]);

works fine so long as the HEADER has "Authorization", `Bearer ${token}, but for HTTP requests you can not apend the REQ header like this, you can send the value in the cookies, but I am lost where you would do a IF not in header LOOK for valule in a cookie...

The result is not web views can be secure because you can not pass the token by header and can not read it by cookie

bshaffer commented 1 month ago

This looks like a question for Laravel or Symfony - the function loadComponent does not exist in this library, nor do any of the options you are providing.