Sending HTTP Headers with DeepStreamClient.login() #96
Comments
|
hey @little-vista Would it not be possible for you to send the token as an argument with login which can then be accessed by the permission plugin on deepstream rather than retrieving it from a cookie or session? |
|
@yasserf Can you explain how that works? I want to delegate authentication completely to our API end point. That is, deepstream is setup to call out to our API authentication end point and it is this end point that validates the token. The end point has to work for apps (which we can do via a header value, browser for which we supply a cookie) Let me see if I understand what you mean. By adding the jwt as an attribute of the login data, this is then forwarded to the API end point. What structure of json should that end point expect based on your suggestion? |
We are looking to incorporate deepstream into our applications. The scenario is that we have a REST API that acts as 'publisher' and a number of connected javascript/mobile based clients.
Our API has an authentication endpoint that expects either a cookie or header as an authentication token. This end point is configured into the deepstream server as the authentication mechanism.
Each browser client authenticates with our API and receives a JWT token that is passed back to the browser as a cookie. This cookie is then forwarded with the javascript request to login to deepstream. All good so far..
We now need to authenticate from within the API itself (on the java side of the house). In order to do this I was thinking that the 'publisher' code in the API generates a JWT token for itself and then this token be attached as a header and/or cookie along with the call to DeepStreamClient.login();
The idea being that the deepstream server will pass this token back into the API via the http authentication mechanism.
But I cannot see a way to supply a header value or cookie to the login from the java client.
Can you please help?
The text was updated successfully, but these errors were encountered: