Ability to validate authentication request using opaque access token from cookie

[ghyath5]

I tried to integrate API tokens authentication via opaque access token and I sent the token via request.cookie but I couldn't validate the authenticated requests unless send the Authentication header

let {token} = await auth.use('api').generate(user, {
    expiresIn: '30mins'
})
response.cookie('Authorization',`Bearer ${token}`)

Is there any way to check authentication via cookies not just in headers ?

[thetutlage]

If you are using cookies, then why not use the session auth (web guard) directly?

[ghyath5]

I am making an API for many platforms, not only for web, so it would be awesome if we had ability to store and validate tokens from cookies

[thetutlage]

You can create a middleware that reads the token from the cookie and sets the header. Make sure the middleware is executed before the auth middleware