-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for 'Logging In' #28
Comments
We should make a drash server to use, that uses auth so we have something solid, working and maintainable to test against |
Something i use for a node app that uses a login system and csrf: export async function loginAs ({ email, password }: { email: string, password: string }): Promise<ChaiHttp.Agent> {
if (!email || !password) {
throw new Error("Email or password params are empty.")
}
const agent = chai.request.agent(app);
const response = await agent.get("/login")
const html = response.text
const csrf = html.split(/name="_csrf" value="/)[1].split("\">")[0]
await agent
.post('/login')
.set("Content-Type", "application/x-www-form-urlencoded")
.set("CSRF-Token", csrf)
.redirects(0)
.send({ email: email, password: password, _csrf: csrf });
return agent
}
const agent = await loginAs({ email: "...", password: "..."})
const authenticatedResponse = await agent.get('/dashboard');
expect(authenticatedResponse.status).to.equal(200) So we could do something similar, so say a user clicks a button on a login form, we save any cookies it adds etc, and keep the current browser session and just navigate to a new page |
i think this will depend on #126 |
public async login(params: object) {
// todo use Fetch domain to make request ie
await this.location(params.loginUri);
for (const [name, value] of params.body.entries()) {
const elem = await page.querySelector('input[type="${name}"]');
elem.value(value);
}
const submit = await page.querySelector(params.submitButtonSelector);
page.expectWaitForRequest();
await submit.click();
await page.waitForRequest();
} await page.login({
loginUri: '/login',
submitSelector: "#login",
body: {
email: '...',
password: '...' |
Multiple ways a uer can login, i think these are the only 2 ways in a deno app? CSRF TokensAs this is a header, maybe we can somehow set this on the page so every request sent from it, will use it? But the user needs to set this first somehow, eg to get to CookiesThe user can set this on the page themselves, so i dont think we need to do anything here |
Conclusion: user can do this themsleves, reagrding login forms (which includes headers), the user can go to a login form User should be able to simply do this themselves and it would be convoluted for us to it, eg we'd:
|
agreed with closing this and passing it off to the user. sounds like this should be applied on top of and not within sinco. login forms hella vary and sinco would be convoluted very quickly. however, we could show how it can be done. more docs lol. |
I am writing some docs on it though :) think it would be good, and to give you an idea, im starting it off with "Whilst Sinco doesn't provide much to help you log-in to apps, we will explain how you can do it via Sinco." |
Summary
What:
Similar to Laravel's
$browser->loginAs(User::first())
Why:
Majority of web apps use auth
Acceptance Criteria
Below is a list of tasks that must be completed before this issue can be closed.
Example Pseudo Code (for implementation)
The text was updated successfully, but these errors were encountered: