Grouvie
03/27/2022, 1:46 PMGrouvie
03/27/2022, 1:47 PMrouting {
route(LoginItem.path) {
post {
val request = call.receiveOrNull<LoginItem>() ?: kotlin.run {
call.respond(HttpStatusCode.BadRequest)
return@post
}
...
}
}
get("/login") {
call.respondText(
this::class.java.classLoader.getResource("index.html")!!.readText(),
ContentType.Text.Html
)
}
}
For the frontend in my jsMain I have a HttpClient with the jwt module installed and functions to post/ get data.
When I send a request with this functions I can see the jwt token and it works.
Now I want to protect a route from unauthorized users. So I did this in my ktor backend.
authenticate("auth-jwt") {
get("/dashboard") {
call.respondText(
this::class.java.classLoader.getResource("index.html")!!.readText(),
ContentType.Text.Html
)
}
}
This works fine and the /dashboard route is now protected. When I enter my jwt into postman I get the correct answer.
But I want to access the /dashboard route in my browser.
Do you have any idea what I am doing wrong in my structure or setup? Thanks for your help 🙂Aleksei Tirman [JB]
03/27/2022, 2:13 PMGrouvie
03/27/2022, 3:31 PMAleksei Tirman [JB]
03/27/2022, 3:33 PMhow I can make all requests come from the jsMain without going to the backend jvmMain directly.What do you mean?
Grouvie
03/27/2022, 3:55 PMGrouvie
03/27/2022, 3:57 PMsuspend fun login(userData: LoginItem): BasicAuthResponse<AuthResponse> {
val result = <http://jsonClient.post|jsonClient.post><BasicAuthResponse<AuthResponse>>(endpoint + LoginItem.path) {
contentType(ContentType.Application.Json)
body = userData
}
return result
}
Grouvie
03/27/2022, 3:57 PMAleksei Tirman [JB]
03/27/2022, 4:23 PM/dashboard
) and render it in a browser?Grouvie
03/27/2022, 4:23 PMAleksei Tirman [JB]
03/27/2022, 4:26 PMAleksei Tirman [JB]
03/27/2022, 4:28 PM/dashboard
with a JSON.Grouvie
03/27/2022, 7:21 PM/dashboard
. When I access it /dashboard
sends a request to for example /save/dashboard
and on successful authentication /save/dashboard
answers with the content to display on /dashboard
?Aleksei Tirman [JB]
03/27/2022, 7:29 PMGrouvie
03/27/2022, 7:29 PMAleksei Tirman [JB]
03/27/2022, 7:43 PMGrouvie
03/27/2022, 7:48 PMAleksei Tirman [JB]
03/27/2022, 8:23 PM/login
, where you store a JWT token in a session if authentication is successful. In this case the /dashboard
endpoint will be public but you will check there for a valid session before responding with a HTML.Grouvie
03/27/2022, 8:28 PM