Hi all,
I'm trying to develop a single-page application in Vue where users can log in and out and have different levels of access. I've more or less cribbed the relevant authentication and permissions code from the DBA webapp (which is not single-page).
When I test the API in a program like Postman or Insomnia, everything works as expected. However in the browser I can login successfully but I can't then access any RESTXQ functions which I haven't marked as public with the %perm:allow and %perm:check functions.
The core problem is that I don't really understand how sessions work, but it seems like the session isn't persisting across requests that my Vue webapp is sending. Do I need to add something in my webapp code that is being handled automatically when I use the DBA webapp or my API testing software?
Any advice would be greatly appreciated.
Kind regards,
Jack
Never mind – it was CORS related, and I should have figured this out much earlier!
Jack
On Wed, Aug 2, 2023, 3:12 PM Jack Steyn steynjack@gmail.com wrote:
Hi all,
I'm trying to develop a single-page application in Vue where users can log in and out and have different levels of access. I've more or less cribbed the relevant authentication and permissions code from the DBA webapp (which is not single-page).
When I test the API in a program like Postman or Insomnia, everything works as expected. However in the browser I can login successfully but I can't then access any RESTXQ functions which I haven't marked as public with the %perm:allow and %perm:check functions.
The core problem is that I don't really understand how sessions work, but it seems like the session isn't persisting across requests that my Vue webapp is sending. Do I need to add something in my webapp code that is being handled automatically when I use the DBA webapp or my API testing software?
Any advice would be greatly appreciated.
Kind regards,
Jack
basex-talk@mailman.uni-konstanz.de
-
Jack Steyn