jwt in headers+localstorage instead of httpOnly cookie (#117)

2023-12-27 14:32:08 +01:00
parent f7ba203ed0
commit c5535fad71
14 changed files with 125 additions and 155 deletions
--- a/frontend/src/lib/rpcClient.ts
+++ b/frontend/src/lib/rpcClient.ts
@@ -15,13 +15,15 @@ export class RPCClient {
  private seq: number
  private httpEndpoint: string
  private readonly _socket$: WebSocketSubject<any>
+  private readonly token?: string

-  constructor(httpEndpoint: string, webSocketEndpoint: string) {
+  constructor(httpEndpoint: string, webSocketEndpoint: string, token?: string) {
    this.seq = 0
    this.httpEndpoint = httpEndpoint
    this._socket$ = webSocket<any>({
-      url: webSocketEndpoint
+      url: token ? `${webSocketEndpoint}?token=${token}` : webSocketEndpoint
    })
+    this.token = token
  }

  public get socket$(): Observable<RPCResponse<RPCResult[]>> {
@@ -49,6 +51,9 @@ export class RPCClient {
  private async sendHTTP<T>(req: RPCRequest) {
    const res = await fetch(this.httpEndpoint, {
      method: 'POST',
+      headers: {
+        'X-Authentication': this.token ?? ''
+      },
      body: JSON.stringify({
        ...req,
        id: this.incrementSeq(),