New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
inject custom authorization #928
Comments
Hey @Karman40, thanks a lot for the feedback :) I'm moving it to instant-meilisearch as the issue comes from the client and not angular itself. About your interceptor not working, I'll investigate. Meanwhile, it is possible in Meilisearch to create tokens with specific rights on an index. See this doc. If this does not cover what you need as permission, please tell us so we can add that in the product feedbacks! |
@bidoubiwa Thank you for your answer! Sorry if my description is a bit confusing. there are After that, the data itself is attached to the profile. So, during searches, it should be checked to which profile the data is assigned, whether the user has access to the profile and at what level. unfortunately, the tenat token cannot fully cover this. We could also monitor the search speed using the proxy. The backend save all http request. |
Hey @Karman40, sorry for the delay. I thought about your issue; it's indeed weird that your interceptor does not work. From what you describe, I'm not sure the issue comes from our side. Do you have any idea where it might come from? Maybe you should report the bug to the interceptor you're using? |
@bidoubiwa If the interceptor is not being called when making requests with the "@meilisearch/instant-meilisearch" package, it's possible that the package is making the requests directly using the |
Hey @Karman40, I dug around a bit, and indeed you are right. To solve this issue, we need to make the requester an option in I'll create an issue in |
@bidoubiwa Thank you for your feedback! |
Unfortunately, hard to say at the moment. It is planned in a near future but I don't want to create any false hope. |
Hello @bidoubiwa. I hope this letter finds you well. I saw that |
Hello @Karman40, I'll be working on it very shortly. I hope this week! I'll keep you up to date |
@bidoubiwa that's a great new for me! Can i help some how? |
Description
I would like to insert a unique header before each call. There is an "HttpInterceptor" that does this, but for some reason it does not run in the case of meilisearch/angularsearch. Is it possible to set your own token for each call before each call?
I would like to run the calls through my own backend, because meilisearch currently does not support that a specific api key can only see certain data within the index, and it is safer to assign it to the user's token. The backend would actually work as a proxy, validating the user data, then modifying the header and forwarding it locally to meilisearch.
Expected behavior
Compatibility with HttpInterceptor
Environment
Code
For my own backend calls, the token is included perfectly in the header.
The text was updated successfully, but these errors were encountered: