Made changes so auth on openapi schema works. #143
Conversation
Now requests that require BE to check token will be sent with Bearer JWT from FE as a token.
thai-truong
added
bug
|
Deploy preview for hkn-ucsd-portal-dev ready! Built with commit 39eeaab |
| @@ -52,7 +52,7 @@ | |||
| "storybook": "start-storybook -p 6006 -s public", | |||
| "build-storybook": "build-storybook -s public", | |||
| "precodegen": "rimraf src/api/*", | |||
| "codegen": "npx openapi-generator generate -i http://dev.api.hknucsd.com/api/docs/json -g typescript-fetch --additional-properties=typescriptThreePlus=true -o src/api/" | |||
| "codegen": "npx openapi-generator generate -i http://dev.api.hknucsd.com/api/docs/json -g typescript-fetch --additional-properties=typescriptThreePlus=true -o src/services/api" | |||
There was a problem hiding this comment.
oof sorry if this caused issues it's mb :(
src/pages/App/index.js
Outdated
| const { claims } = tokenResult; | ||
| const { claims, token } = tokenResult; | ||
|
|
||
| ApiConfigStore.setToken(token); |
There was a problem hiding this comment.
might also have to call this in setClaims
There was a problem hiding this comment.
we could have a state field that's token instead of userRoles - what do you think
There was a problem hiding this comment.
setClaims doesn't have access to tokenResult.token though. Also, I use userRoles for the RBAC HOCs so I'd rather it still be there. We can always just have a userToken state field in addition to the other two.
There was a problem hiding this comment.
yeah i see ur point about the userRoles, but after a user logins you should be able to get their token
There was a problem hiding this comment.
so then we can add the userToken as a state field
There was a problem hiding this comment.
Yes that's fine. What about the calling setToken() in setClaims that you said in your first comment of this thread?
There was a problem hiding this comment.
yeah cuz after someone signs in we should set the token in setClaims instead of waiting for the firebase authListener to do it
There was a problem hiding this comment.
i ran into some weird issues before doing this
There was a problem hiding this comment.
Should I put userToken into userClaims then, since it's an object? Also, if I were to call setToken in setClaims, do I just get the token from this.state.userClaims?
|
I think the idea is just to longterm drop the concept of claims and rely on the roles that we get from /users/:userID/role.
We can just add token as a string since it’s a jwt string
… On Aug 26, 2020, at 5:11 PM, Thai ***@***.***> wrote:
@thaigillespie commented on this pull request.
In src/pages/App/index.js <#143 (comment)>:
> @@ -42,7 +43,9 @@ class App extends React.Component {
firebase.auth().onAuthStateChanged(async user => {
if (user) {
const tokenResult = await user.getIdTokenResult();
- const { claims } = tokenResult;
+ const { claims, token } = tokenResult;
+
+ ApiConfigStore.setToken(token);
Should I put userToken into userClaims then, since it's an object? Also, if I were to call setToken in setClaims, do I just get the token from this.state.userClaims?
—
You are receiving this because your review was requested.
Reply to this email directly, view it on GitHub <#143 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AH25RGJKYKMOB4E5UJ2QHB3SCWQENANCNFSM4QML3ILA>.
|
|
Okay so token will be its own state field then got it. |
Now requests that require BE to check token will be sent with
Bearer JWT from FE as a token.