1

I've been struggling with this for too long now. I have an Expressjs server that provides an endpoint to login. The response I get has a JWT token, expiring in an hour. All good.

On the Emberjs side, I can successfully authenticate and get the token (using ember-simple-auth and ember-simple-auth-token). This works well for protecting my routes. But I can't for the life of me update the RESTAdapter headers to include my new authorization token.

I've tried:

  • using $.ajaxPrefilter to set the Authorization header. Didn't work
  • accessing "this.get('session.secure.token')" from the RESTAdapter. Thats undefined.

Please, if someone could point me in the right direction, I'd be eternally grateful. All I need to do is attach the value in "session.secure.token" to the header for all RESTAdapter requests.

Thanks

Improve this question

1 Answer 1

Reset to default
3

You should be able to set the simple-auth config property authorizer to simple-auth-authorizer:token - in the simple-auth code it looks for this config property, looks up simple-auth-authorizer:token and uses this in combination with ajaxPrefilter.

// config/environment.js
ENV['simple-auth'] = {
  authorizer: 'simple-auth-authorizer:token'
};
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I have used this. Simple-Auth is working as expected, except for the headers. I've even set the ENV['simple-auth-token'] = { authorizationHeaderName: 'Authorization', But still, the RESTAdapter (or any jQuery ajax requests) do not have hat header...
I added my api server to the crossOriginWhitelist as it wasn't set, but when doing a REST request, instead of an unauthorized response (as above), it seems to invalidate the session.
Ember Simple Auth automatically handles 401 responses and invalidates the session if one occurs (at least if you're using the ApplicationRouteMixin). You can change that behavior by overriding the`authorizationFailed`` method in your application route.
Ah explains why its redirecting. Except it shouldn't be invalidating, cause I've just logged in. So for some reason the auth headers aren't being sent through. I'm going to start a new project and see if something fresh works.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.