openkfw / TruBudget

A blockchain-based workflow tool for efficient and transparent project management
https://openkfw.github.io/trubudget-website/
GNU General Public License v3.0

email-service: email service not working with authentication turned on #1769

Closed SamuelPull closed 5 months ago

SamuelPull commented 5 months ago

Description 😯

If the email service has authentication turned on (env AUTHENTICATION=JWT), it might not authenticate any request from the frontend. The httpOnly cookie is set to the same domain, and is not sent by the browser if the two services are not in strictly the same domain (i.e. without an API gateway, proxy, load balancer, etc.).

Axios requests to the email service from the frontend lack the withCredentials option set to true.

Perhaps a separate authentication mechanism from TB token could be used for authenticated requests to email service?

Your Environment 🌎

Tech Version
Frontend v2.?.?
API v2.?.?
Blockchain v2.?.?
Export-Service v2.?.?
Email-Service v2.?.?
Storage-Service v2.?.?

SamuelPull commented 5 months ago

May be fixed by https://github.com/openkfw/TruBudget/pull/1761
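
The browser behaviour described in the issue, as an added example that is not part of the original thread or of TruBudget's code: a simplified model of when a token cookie issued by the API is attached to a frontend request to a separately hosted email service. Hostnames and ports are constructed, the cookie is assumed to be host-only unless a Domain attribute is given, and SameSite, Secure and Path are not modelled.

```javascript
// Added example: simplified model of browser cookie and CORS rules.
// Not modelled: SameSite, Secure, Path. All hostnames/ports below are constructed.

// cookie = { setBy: host that sent Set-Cookie, domain: Domain attribute or null }
function cookieMatchesHost(cookie, host) {
  if (!cookie.domain) return host === cookie.setBy; // host-only: exact host, port ignored
  const d = cookie.domain.replace(/^\./, "").toLowerCase();
  return host === d || host.endsWith("." + d);
}

// Would the browser attach the cookie to an XHR from pageUrl to requestUrl?
function cookieIsSent(cookie, pageUrl, requestUrl, withCredentials) {
  const page = new URL(pageUrl);
  const req = new URL(requestUrl);
  const crossOrigin = page.origin !== req.origin; // origin = scheme + host + port
  if (crossOrigin && !withCredentials) {
    return { sent: false, reason: "cross-origin request without withCredentials" };
  }
  if (!cookieMatchesHost(cookie, req.hostname)) {
    return { sent: false, reason: "cookie domain does not match request host" };
  }
  return { sent: true, reason: crossOrigin ? "cross-origin with credentials" : "same-origin" };
}

// Will the browser let the page read a credentialed cross-origin response?
function corsAllowsCredentials(headers, pageOrigin) {
  return headers["access-control-allow-origin"] === pageOrigin && // "*" is not accepted
    headers["access-control-allow-credentials"] === "true";
}

// Constructed deployments: cookie issued by the API, request goes to the email service.
const local = { setBy: "localhost", domain: null };
const split = { setBy: "api.example.test", domain: null };
const proxied = { setBy: "app.example.test", domain: null };
const cases = [
  [local, "http://localhost:3000", "http://localhost:8890/", false],            // different port
  [local, "http://localhost:3000", "http://localhost:8890/", true],
  [split, "https://app.example.test", "https://email.example.test/", true],     // different host
  [proxied, "https://app.example.test", "https://app.example.test/email/", false], // behind one proxy
];
for (const c of cases) console.log(c[2], cookieIsSent(...c));
```

The first case is the missing `withCredentials` from the issue; the third shows that setting the option does not help when a host-only cookie was issued by a different host.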