https://kotlinlang.org logo
#ktor
Title
# ktor
n

NicoLourenco

02/01/2023, 10:19 AM
Hello, I have just implemented bearer authentication. Is it possible to whitelist the urls on which I want the token to be added ?
j

Júlio Santos

02/01/2023, 10:33 AM
Something how CORS, example.
Copy code
install(CORS) {
        method(HttpMethod.Options)
        method(<http://HttpMethod.Post|HttpMethod.Post>)
        method(HttpMethod.Get)
        method(HttpMethod.Put)
        method(HttpMethod.Delete)
        method(HttpMethod.Head)
        header(HttpHeaders.AccessControlAllowHeaders)
        header(HttpHeaders.ContentType)
        header(HttpHeaders.AccessControlAllowOrigin)
        header(HttpHeaders.AccessControlAllowMethods)
        header("userToken")
        allowCredentials = true
        allowNonSimpleContentTypes = true
        hosts.addAll(initHostsOrigins(config))
Copy code
private fun initHostsOrigins(config: ApplicationEnvironment) =
    config.property("cors.allowed-origins").getString().replace("\n", "")
        .split(",")
        .stream()
        .map { it.trim() }
        .filter { it.isNotBlank() }
        .collect(Collectors.toList())
a

Aleksei Tirman [JB]

02/01/2023, 12:20 PM
You can use the
sendWithoutRequest
method to specify a condition for requests which must be send without waiting for the 401 response from a server. https://ktor.io/docs/bearer-client.html#configure
12 Views