fair_enough
08/22/2022, 11:19 AMinstall(Sessions) {
cookie<RegularUserSession>("regular_user_session", SessionStorageMemory())
cookie<GoogleUserSession>("google_user_session", SessionStorageMemory())
}
install(CORS) {
allowHeader("regular_user_session")
exposeHeader("regular_user_session")
allowHeader("google_user_session")
exposeHeader("google_user_session")
allowMethod(HttpMethod.Options)
allowMethod(HttpMethod.Put)
allowMethod(HttpMethod.Delete)
allowMethod(HttpMethod.Patch)
allowHeader(HttpHeaders.Authorization)
allowHeader(HttpHeaders.AccessControlAllowOrigin)
allowNonSimpleContentTypes = true
allowSameOrigin = true
anyHost()
}
tried allowHeader only or exposeHeader only or both
HttpClient(engineFactory) {
install(HttpCookies)
}
On same host client:
1. Connection: keep-alive
2. Content-Encoding: deflate
3. Content-Type: application/json
4. Set-Cookie: regular_user_session=75f7618f14d56eaa81f04b0564146e4d; Max-Age=604800; Expires=Mon, 29 Aug 2022 111024 GMT; Path=/; HttpOnly; $x-enc=URI_ENCODING
5. transfer-encoding: chunked
On COSRS client:
1. Access-Control-Allow-Origin: *
2. Access-Control-Expose-Headers: google_user_session, regular_user_session
3. Connection: keep-alive
4. Content-Encoding: deflate
5. Content-Type: application/json
6. Set-Cookie: regular_user_session=a848eb176774abd4ded030892bc5615f; Max-Age=604800; Expires=Mon, 29 Aug 2022 110931 GMT; Path=/; HttpOnly; $x-enc=URI_ENCODING
7. transfer-encoding: chunked
But it still doesn't works on CORS client. I dont know whyAleksei Tirman [JB]
08/22/2022, 11:22 AMAugust Lilleaas
08/22/2022, 11:22 AMfair_enough
08/22/2022, 11:22 AMAugust Lilleaas
08/22/2022, 11:24 AMAleksei Tirman [JB]
08/22/2022, 11:24 AMAugust Lilleaas
08/22/2022, 11:24 AMfair_enough
08/22/2022, 11:25 AMfair_enough
08/22/2022, 11:25 AMAugust Lilleaas
08/22/2022, 11:26 AMfair_enough
08/22/2022, 11:27 AMfair_enough
08/22/2022, 11:28 AMAugust Lilleaas
08/22/2022, 11:29 AMCookie
header, you should be able to access the cookiefair_enough
08/22/2022, 11:31 AMAugust Lilleaas
08/22/2022, 11:31 AMCookie
header in the request, and how do you access it in code?fair_enough
08/22/2022, 11:34 AMval newSession = userController.getRegisteredUser(email, password)
call.sessions.set(newSession)
setting just session data with token and some id
sessions.get<UserSession.RegularUserSession>()
fair_enough
08/22/2022, 11:42 AMAugust Lilleaas
08/22/2022, 11:42 AMcall.request.cookies
?August Lilleaas
08/22/2022, 11:43 AMCookie
header is not set by the browser?fair_enough
08/22/2022, 11:44 AMfair_enough
08/22/2022, 11:46 AMAugust Lilleaas
08/22/2022, 11:47 AMCookie
header?fair_enough
08/22/2022, 11:50 AMAugust Lilleaas
08/22/2022, 11:50 AMAugust Lilleaas
08/22/2022, 11:52 AMAugust Lilleaas
08/22/2022, 11:52 AM*Access-Control-Expose-Headers:* google_user_session, regular_user_session
has any effect - the header being used here is Cookie
August Lilleaas
08/22/2022, 11:53 AMfetch
, you have to specify credentials: "include"
fair_enough
08/22/2022, 11:54 AMfair_enough
08/22/2022, 11:58 AMval response = client.get("${serverUrl}/api/user/identity") {
Napier.d { "checkIdentity" }
}
fair_enough
08/22/2022, 12:00 PMfair_enough
08/22/2022, 2:33 PMcookie.secure = true
cookie.extensions["SameSite"] = "None"
and enable self signed SSLfair_enough
08/26/2022, 10:05 PMfair_enough
08/26/2022, 10:40 PMdevServer = devServer?.copy(
open = false,
port = 3000,
proxy = mutableMapOf(
"/api/user/identity" to mutableMapOf(
"changeOrigin" to true,
"cookieDomainRewrite" to "localhost",
"target" to serverUrl,
),
"/api/user/login" to mutableMapOf(
"changeOrigin" to true,
"cookieDomainRewrite" to "localhost",
"target" to serverUrl,
),
"/api/user/register" to mutableMapOf(
"changeOrigin" to true,
"cookieDomainRewrite" to "localhost",
"target" to serverUrl,
)
)
)