search

stormpath / express-stormpath

Build simple, secure web applications with Stormpath and Express!
http://docs.stormpath.com/nodejs/express/
Apache License 2.0
325 stars 111 forks source link

postLoginHandler #577

Closed Adam-Burke closed 7 years ago

Adam-Burke commented 7 years ago

Hi There,

Is it possible to retrieve the access_token from a username/password login in the postLoginHandler.

I have a seperate token I would like to send back with the access_token and I can't quite work out the source.

robertjd commented 7 years ago

Hi @Adam-Burke , thanks for getting in touch! It doesn't look like we pass this back to you in a convenient way, but we are responding with the access token in a cookie, so it is possible to reach into the response and find the header that we set for the cookie, this looks like it does the trick:

app.use(stormpath.init(app, {
  expand: {
    customData: true
  },
  postLoginHandler: function(account, req, res) {
    var accessToken;
    var match = res._headers['set-cookie'].filter(function(cookieStr){
      return cookieStr.match(/access_token=[^;]+/);
    });
    if (match.length === 1) {
      accessToken = match[0].split('=')[1];
    }
    console.log('accessToken?', accessToken);
  }
}));

Can you try this and let me know if it works for you?

Adam-Burke commented 7 years ago

Hi @robertjd,

Thanks for your help. I'm using the json api stateless version so it seems as expected that there is no set-cookie header. Is it possible to have to authResult appended to the request object. I've added it in continueWithHandlers as a workaround in get-token.js

Cheers,

Adam.