OAS Tools
Security handlers #18
Replies: 3 comments
-
|
I figured out how to get my cookie value. I had to take the token, and run it through decodeURIComponent before running it through the cookieParser.signedCookie function. This gives me my session id, but since I don't have the request object, I am not sure how to ask express sessions to give me information in the session so I can validate it. I want to make sure the session still exists as well as pull some information that I stick into the session to let me know what the user can do. |
Beta Was this translation helpful? Give feedback.
-
|
I think I solved it. I took care of extracting the tokens and then I added an external module that fires before the routing takes place. It gets the request and response object and now I can handle any session management. |
Beta Was this translation helpful? Give feedback.
-
|
Have you checked the security section in the docs? In order to get the token from the Cookie you just need to declare a SecurityScheme with If something is unclear in documentation please don't be afraid to leave an issue or PR. I'm glad you found a workaround using an external module anyway :) |
Beta Was this translation helpful? Give feedback.
-
Are there any examples of how to decrypt/decode the token that is passed into the BasicAuth and CookieAuth handlers? I've tried cookieParser, but I cannot it get it to work.
Beta Was this translation helpful? Give feedback.
All reactions