I’ve build an SPA that uses JWT to authenticate with my server. I know want to fire event to specific userId’s.
I’ve got the following code:
var eventsClient = new ServerEventsClient(runtimeConfig.apiRoot, [ ‘import-policy’ ])
eventsClient.serviceClient.setBearerToken(this.$auth.getToken())
eventsClient.start()
It looks like you’re attempting a cross-domain request? In which case you’ll need register the CorsFeature and register all the domains you want to allow access from, e.g:
Is this the correct way to authenticate my eventsClient?
var eventsClient = new ServerEventsClient(runtimeConfig.apiRoot, [ ‘import-policy’ ])
eventsClient.serviceClient.setBearerToken(this.$auth.getToken())
eventsClient.start()
You would typically need to authenticate with the server so it returns authenticate UserSession Cookies that are attached to subsequent requests. So it would work if you authenticated with the Service Client.
In this case you already have the JWT Token and need to convert it to a JWT Cookie. Something you can try is calling the ConvertSessionToToken API with the JWT Token before connecting with ServerEventsClient, e.g:
var headers = new Headers();
headers.set("Authorization", "Bearer " + this.$auth.getToken());
fetch(runtimeConfig.apiRoot + "/session-to-token",
{ method:"POST", headers, credentials:"include" });
This should convert the Session into a JWT Cookie.
That code executes fine, but I am still getting the 401 error, here is my code at the moment:
let headers = {
Authorization: 'Bearer ’ + this.$auth.getToken()
}
Is there a HTTP request missing? There’s only the preflight OPTIONS /session-to-token request but not the POST /session-to-token it’s meant to have sent.
Is there any error messages in Chrome Inspector’s console window indicating why the preflight request may have failed?
Note: don’t post the JWT token itself as it’s unencrypted so anyone can read its contents.
Ok it looks like the issue is that /session-to-token wasn’t converting JWT’s to a JWT Cookie since it was already a JWT which should be doing it from this commit.
Also if you’re using .NET Core please note the v5 changes where the ServiceStack .NET .Core packages are now merged into the main NuGet packages so you’ll need to remove the .Core suffix, e.g: