I have implemented the application react and hapi js (web server).
and I have a hapi-auth-cookie plugin for session authentication on each api request which has strategy session and cookies.
if i load my application in a separate window (browser tab) validateFunc is called properly, but if I load my application inside the Iframe its not working and rather my API returns HTML content of index.html rather than JSON
server.auth.strategy('session', 'cookie', {
password: 'longpassword-should-be-32-characters-for-pulse',
cookie: 'my-app-sid',
redirectTo: '/',
ttl: 86400000,
isSecure: false,
validateFunc: isAuth // this is not called incase my app loaded inside iframe
});
function isAuth(request, session, callback)=>{
// have some ajax call to validate session / token
//
session.isAuthenticated = true;
}
Hapi js: 16.7.0 hapi-auth-cookie: 6.1.1
I have implemented the application react and hapi js (web server). and I have a hapi-auth-cookie plugin for session authentication on each api request which has strategy session and cookies. if i load my application in a separate window (browser tab) validateFunc is called properly, but if I load my application inside the Iframe its not working and rather my API returns HTML content of index.html rather than JSON