strongloop / loopback-example-access-control

An example demonstrating LoopBack access control mechanisms.

cookies for authentication : possible in this example? #56

Closed OwenBrotherwood closed 8 years ago

OwenBrotherwood commented 9 years ago

Is the use of cookies for authentication (instead of tokens) possible in this example, or do I need to do something else in order to support cookies?

http://docs.strongloop.com/display/public/LB/Making+authenticated+requests indicates that the use of cookies can be enabled with:

```js
app.use(loopback.token({ model: app.models.accessToken })); // before boot ie boot(app, __dirname);
```

I have used the suggested line, but cannot see any change in the post ?access_token (still there) or find a cookie.

OwenBrotherwood commented 9 years ago

Note: There is also some mismatch with the placement of app.use in another example, where

```js
// The access token is only available after boot
app.use(loopback.token({
  model: app.models.accessToken
}));
```

https://github.com/strongloop/loopback-example-passport/blob/e5e7ef5aa1eaa15b7c3d78d812aebaa750a8efc9/server/server.js#L60-63

OwenBrotherwood commented 9 years ago

For own notes: https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/ Wonders if strongloop can also create a current best practice

access_token in URL contra cookie contra header (header preferred)
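The three token locations named in the comment above (URL, cookie, header, with the header preferred), written out as a lookup order. This is an added example, not part of the thread and not LoopBack's implementation; the function names, the cookie name `access_token`, the `Bearer` header scheme, the constructed secret and the cookie-parser-style signed-cookie format are assumptions.

```javascript
// Added illustration, not LoopBack source. Function names, the cookie name
// "access_token" and COOKIE_SECRET are assumptions made for this sketch.
const crypto = require('crypto');

const COOKIE_SECRET = 'constructed-demo-secret'; // constructed value

// Sign a value in the "s:<value>.<base64 HMAC-SHA256>" form cookie-parser uses.
function signCookie(value, secret) {
  const mac = crypto.createHmac('sha256', secret).update(value)
    .digest('base64').replace(/=+$/, '');
  return `s:${value}.${mac}`;
}

// Return the embedded value only if the signature verifies, otherwise null.
function unsignCookie(signed, secret) {
  if (typeof signed !== 'string' || !signed.startsWith('s:')) return null;
  const value = signed.slice(2, signed.lastIndexOf('.'));
  const expected = Buffer.from(signCookie(value, secret));
  const actual = Buffer.from(signed);
  return expected.length === actual.length &&
    crypto.timingSafeEqual(expected, actual) ? value : null;
}

// Minimal Cookie header parser; undecodable values are skipped.
function parseCookies(header) {
  const jar = Object.create(null);
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq < 1) continue;
    try {
      jar[part.slice(0, eq).trim()] = decodeURIComponent(part.slice(eq + 1).trim());
    } catch (e) { /* malformed percent-encoding: ignore this cookie */ }
  }
  return jar;
}

// Header first, then signed cookie; the URL is accepted only on request,
// because query strings are recorded in access logs and Referer headers.
function findAccessToken(req, { allowQuery = false } = {}) {
  const headers = req.headers || {};
  const bearer = /^Bearer\s+(\S+)$/i.exec(headers.authorization || '');
  if (bearer) return { source: 'header', token: bearer[1] };
  const fromCookie = unsignCookie(parseCookies(headers.cookie).access_token, COOKIE_SECRET);
  if (fromCookie) return { source: 'cookie', token: fromCookie };
  const fromUrl = new URL(req.url, 'http://localhost').searchParams.get('access_token');
  return allowQuery && fromUrl ? { source: 'query', token: fromUrl } : null;
}
```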

richardpringle commented 8 years ago

Hey @OwenBrotherwood, sorry about the delayed response. Could you please provide a link to a test project with steps to reproduce the issue? See https://github.com/strongloop/loopback/wiki/Reporting-issues#bug-report.

`app.use(loopback.token({ model: app.models.accessToken }));` should work, but I'll need to see exactly how you are trying to use it before I can help you.

OwenBrotherwood commented 8 years ago

Hej @richardpringle Lol: yep, a bit of ancient history turned up there. I really have to use time to check my failing memory about this one. My opening post has me totally confused: the date indicates newbie status, I had a steep learning curve inclusive input on tokens via default or look for specific, with no default (cannot remember what @bajtos decided in the end)

Soooo.... close the Issue if there is no clear "work at hand". When Christmas comes, I will be reviewing all my open and closed Issues as a form of status and decide what to work or follow up on.

Very complex answer: but I did get back to you as soon as you gave input, so I hope you feel I take the project seriously

Br Owen

Edit @richardpringle : Is the reach out cos the review of all examples in process? and if the example is to be evaluated by an end user dummy, do you wish me to volunteer as the dummy. It can be good practice for me to get back in the driving seat of (node) programming as I have had SO much Mainframe stuff in the last few months I am beginning to think in EBCDIC again.

richardpringle commented 8 years ago

@OwenBrotherwood, thanks for the quick response. We're just trying to get a handle on all the issues associated with loopback (even the old ones). I'm going to close the issue for now and if need be when you do your review, you could open up a new ticket.

As for an end user dummy, I'll keep you in mind haha.

Cheers

OwenBrotherwood commented 8 years ago

:+1: