Is it possible to inject custom meta information on authentication?

Andrew Eddie

Aug 18, 2015, 1:33:59 AM
to Autobahn
In the `onchallenge` method, it's possible to customise the `authid` and the `role` (cf https://github.com/crossbario/crossbarexamples/blob/master/authenticate/wampcradynamic/python/authenticator.py#L45).

Is it possible to inject more information in the session that the client could have access to, for example, a temporary access token and/or refresh token?

What we are trying to do is allow a web app to keep a user logged in after a hard refresh of the page. Currently the solution seems to be to hit something like a "handshake" end-point as soon as the connection is opened that could return a bearer token (and maybe other "restore my state" information), store that in local storage and use that to reestablish the connection.

Any thoughts on how to solve that kind of problem in an elegant way would be appreciated.

Thanks in advance.

Regards,
Andrew Eddie

Tobias Oberstein

Aug 18, 2015, 3:58:51 AM
to autob...@googlegroups.com
Andrew,

On 18.08.2015 at 07:33, Andrew Eddie wrote:
> In the `onchallenge` method, it's possible to customise the `authid` and
> the `role`
> (cf https://github.com/crossbario/crossbarexamples/blob/master/authenticate/wampcradynamic/python/authenticator.py#L45).
>
> Is it possible to inject more information in the session that the client
> could have access to, for example, a temporary access token and/or
> refresh token?

The WAMP-CRA spec allows this, but it's not currently exposed in dynamic
authenticators in Crossbar.io.

>
> What we are trying to do is allow a web app to keep a user logged in
> after a hard refresh of the page. Currently the solution seems to be to
> hit something like a "handshake" end-point as soon as the connection is
> opened that could return a bearer token (and maybe other "restore my
> state" information), store that in local storage and use that to
> reestablish the connection.
>
> Any thoughts on how to solve that kind of problem in an elegant way
> would be appreciated.

Our usual approach is to combine WAMP-CRA with WAMP-Cookie. When the
user has authenticated initially and successfully via WAMP-CRA,
Crossbar.io sets an auth cookie. Later, when the user comes back, the
auth cookie is checked and the user is directly authenticated. This works on
WAMP-over-WebSocket transports only (e.g. not RawSocket transports).

Cheers,
/Tobias

>
> Thanks in advance.
>
> Regards,
> Andrew Eddie
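
The flow described in the reply above (WAMP-CRA on first login, cookie on return), as an added example that is not part of the thread and is not Crossbar.io code. The `Router` class, the message dictionaries and the `joe`/`secret2` principal are constructed for illustration; only the signature formula, base64(HMAC-SHA256(secret, challenge)), follows WAMP-CRA.

```python
import base64, hashlib, hmac, json, secrets

USERS = {"joe": {"secret": "secret2", "role": "frontend"}}  # constructed sample principal

def cra_sign(secret, challenge):
    """WAMP-CRA signature: base64(HMAC-SHA256(secret, challenge))."""
    mac = hmac.new(secret.encode(), challenge.encode(), hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()

class Router:
    """Toy stand-in for the router side (hypothetical, simplified model)."""
    def __init__(self):
        self.cookies = {}   # cookie id -> (authid, role), kept server-side only
        self.pending = {}   # authid -> challenge issued and not yet answered

    def hello(self, authid, cookie=None):
        # A known cookie authenticates directly and skips the challenge.
        if cookie in self.cookies:
            cid, role = self.cookies[cookie]
            return {"msg": "WELCOME", "authid": cid, "role": role, "authmethod": "cookie"}
        if authid not in USERS:
            return {"msg": "ABORT"}
        # Unknown or missing cookie: fall back to a fresh WAMP-CRA challenge.
        challenge = json.dumps({"authid": authid, "nonce": secrets.token_hex(16)})
        self.pending[authid] = challenge
        return {"msg": "CHALLENGE", "challenge": challenge}

    def authenticate(self, authid, signature):
        challenge = self.pending.pop(authid, None)   # each challenge is single-use
        if challenge is None:
            return {"msg": "ABORT"}
        expected = cra_sign(USERS[authid]["secret"], challenge)
        if not hmac.compare_digest(expected, signature):
            return {"msg": "ABORT"}
        cookie = secrets.token_urlsafe(24)   # opaque random id, carries no user data
        self.cookies[cookie] = (authid, USERS[authid]["role"])
        return {"msg": "WELCOME", "authid": authid, "role": USERS[authid]["role"],
                "authmethod": "wampcra", "set_cookie": cookie}

def demo():
    router = Router()
    first = router.hello("joe")
    welcome = router.authenticate("joe", cra_sign("secret2", first["challenge"]))
    after_refresh = router.hello("joe", cookie=welcome["set_cookie"])
    forged = router.hello("joe", cookie="not-a-real-cookie")
    return welcome["authmethod"], after_refresh["authmethod"], forged["msg"]

if __name__ == "__main__":
    print(demo())
```
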

Andrew Eddie

Aug 19, 2015, 6:06:51 PM
to autob...@googlegroups.com
Thanks Tobias.

Regards,
Andrew Eddie