Use cookies again (to make AJAX calls easier).

OndrejSpanel · Nov 4, 2019 · c40981a · c40981a
1 parent d1534b4
commit c40981a
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 6 deletions.
diff --git a/...d/src/main/scala/com/github/opengrabeso/mixtio/frontend/services/UserContextService.scala b/...d/src/main/scala/com/github/opengrabeso/mixtio/frontend/services/UserContextService.scala
@@ -10,6 +10,8 @@ import common.Util._
 import scala.concurrent.{ExecutionContext, Future}
 import UserContextService._
 
+import org.scalajs.dom
+
 object UserContextService {
   final val normalCount = 15
 
@@ -55,8 +57,7 @@ class UserContextService(rpc: rest.RestAPI)(implicit ec: ExecutionContext) {
 
   private var userData: Option[UserContextData] = None
 
-  def login(userId: String, authCode: String): UserContext = {
-    val sessionId = facade.UdashApp.sessionId
+  def login(userId: String, authCode: String, sessionId: String): UserContext = {
     println(s"Login user $userId session $sessionId")
     val ctx = new UserContextData(userId, sessionId, authCode, rpc)
     userData = Some(ctx)
@@ -77,6 +78,9 @@ class UserContextService(rpc: rest.RestAPI)(implicit ec: ExecutionContext) {
 
   def api: Option[rest.UserRestAPI] = userData.map { data =>
     //println(s"Call userAPI user ${data.context.userId} session ${data.sessionId}")
+    assert(MainJS.getCookie("authCode") == data.context.authCode)
+    assert(MainJS.getCookie("sessionId") == data.sessionId)
+
     rpc.userAPI(data.context.userId, data.context.authCode, data.sessionId)
   }
 }
diff --git a/frontend/src/main/scala/com/github/opengrabeso/mixtio/frontend/views/Root.scala b/frontend/src/main/scala/com/github/opengrabeso/mixtio/frontend/views/Root.scala
@@ -35,9 +35,8 @@ object Root {
     def login() = {
       val globalUserId = facade.UdashApp.currentUserId.orNull
       val globalAuthCode = facade.UdashApp.currentAuthCode.orNull
-      // note: even if we did not provide the cookie, it would be inherited from the main page request
-      // providing it explicitly should do no harm and could make it more robust (e.g. if any requests would be made from other context)
-      val ctx = userContextService.login(globalUserId, globalAuthCode)
+      val sessionId = facade.UdashApp.sessionId
+      val ctx = userContextService.login(globalUserId, globalAuthCode, sessionId)
       userContextService.userName.foreach(_.foreach { name =>
         model.subProp(_.athleteName).set(name)
       })

diff --git a/shared-js/src/main/scala/com/github/opengrabeso/mixtio/rest/RestAPI.scala b/shared-js/src/main/scala/com/github/opengrabeso/mixtio/rest/RestAPI.scala
@@ -12,8 +12,9 @@ trait RestAPI {
   @GET
   def identity(@Path in: String): Future[String]
 
+  /* Caution: cookie parameters are used from the dom.document when called from Scala.js */
   @Prefix("user")
-  def userAPI(@Path userId: String, @Path authCode: String, @Path sessionId: String): UserRestAPI
+  def userAPI(@Path userId: String, @Cookie authCode: String, @Cookie sessionId: String): UserRestAPI
 
   @GET
   def now: Future[ZonedDateTime]