janko / rodauth-rails

Rails integration for Rodauth authentication framework
https://github.com/jeremyevans/rodauth
MIT License

Get current user from cookie in API-Only Mode? #128

Closed mdodell closed 2 years ago

mdodell commented 2 years ago

Hello!

Big fan of the library!

I was wondering if it is possible to get the current user based on the Cookie Based instructions here/some way to have a refresh route to return the current user.

Additionally, are the cookies configurable in some way (i.e. being able to set SameSite and Secure)?

This is important for SPAs that want to make calls to an API that utilizes Rodauth (i.e., making a /refresh call upon initial render that calls the API with the cookies to authenticate the user).

janko commented 2 years ago

Hi, I'm glad you like it! ❤️

You would retrieve the current user in the exact same way as when you use Rodauth in default HTML mode. The account ID is stored in the Rails session just like it is in default mode, which is stored in a cookie by default; there is no separate cookie that Rodauth uses. So, you can use #current_account on the backend to return the current user.

I'm going to close this, since it's not a bug report. If you have additional questions, please open a topic in discussions.
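
A plain-Ruby model of the flow discussed in this thread, added as an example and not code from rodauth-rails or Rails: the account ID lives in a signed session cookie issued with `Secure`, `HttpOnly` and `SameSite` attributes, and a `/refresh` handler resolves the current account from it. The HMAC-signed hex cookie format, `SECRET`, `ACCOUNTS`, the `_session` cookie name and the helper names are assumptions standing in for Rails's own cookie store.

```ruby
require "openssl"
require "json"

# Constructed values for this model; a real app never hard-codes its secret.
SECRET   = "constructed-demo-secret"
ACCOUNTS = { 42 => { "id" => 42, "email" => "user@example.com" } }
COOKIE   = "_session"

def sign(payload)
  OpenSSL::HMAC.hexdigest("SHA256", SECRET, payload)
end

# What login does: serialize the session, sign it, and set hardened attributes.
def session_cookie(session)
  payload = JSON.generate(session).unpack1("H*")
  "#{COOKIE}=#{payload}--#{sign(payload)}; Path=/; HttpOnly; Secure; SameSite=Lax"
end

# Returns the session hash, or {} if the cookie is missing or its MAC is wrong.
def load_session(cookie_header)
  pair = cookie_header.to_s.split(/;\s*/).find { |c| c.start_with?("#{COOKIE}=") }
  payload, mac = pair.to_s.delete_prefix("#{COOKIE}=").split("--", 2)
  return {} unless payload && mac && OpenSSL.secure_compare(mac, sign(payload))
  JSON.parse([payload].pack("H*"))
end

# Mirrors the idea of #current_account: look the account up by the session's ID.
def current_account(env)
  ACCOUNTS[load_session(env["HTTP_COOKIE"])["account_id"]]
end

# Rack-style /refresh handler: env hash in, [status, headers, body] out.
def refresh(env)
  account = current_account(env)
  return [401, {}, [JSON.generate("error" => "login required")]] unless account
  [200, { "content-type" => "application/json" }, [JSON.generate(account)]]
end

if __FILE__ == $PROGRAM_NAME
  cookie = session_cookie("account_id" => 42)
  puts cookie
  puts refresh("HTTP_COOKIE" => cookie.split(";").first).inspect
  puts refresh({}).inspect
end
```

Because the browser sends the session cookie itself, the SPA needs no token storage of its own; the handler trusts only a cookie whose MAC verifies.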