Ember simple auth and cookie headers

Question

I am currently working on an Ember 2.4.x application and I am using ember-simple-auth with a custom Authenticator and a custom Authoriser.

Upon successful authentication, the server responds with a json body containing information about the current user plus a cookie in the Response Headers:

Response Headers:
  Set-Cookie:Authorization=1s39gpzqy4d0w1quxekavz6yj1;Path=/

Now, the only thing I need, for each consecutive requests, is to send back that same cookie. I understand that with ember-simple-auth, I can use the block callback in order to set an additional header in my the custom authoriser. However, I could not find a way to resend that exact same cookie with each requests.

Also I am wondering whether I need an Authoriser at all since I am not setting any header, the server only cares about that cookie.

Answer 1

I finally managed to getting this to work. Basically I first followed the answer of that topic

Then, in my custom authenticator I am re-using the makeRequest method on which I had to set the xhrFields property:

makeRequest(data, options) {
  let serverTokenEndpoint = get(this, 'serverTokenEndpoint');
  let requestOptions = $.extend({
    url:      serverTokenEndpoint,
    type:     'POST',
    // The contentType must be passed to Jetty as it will default to
    // 'application/x-www-form-urlencoded'
    contentType: 'application/json',
    crossDomain: true,
    dataType: 'json',
    data,
    xhrFields: {
      withCredentials: true
    },

    beforeSend(xhr, settings) {
      xhr.setRequestHeader('Accept', settings.accepts.json);
    }
  }, options || {});

  return $.ajax(requestOptions);
}

I also found out that the server had to set Access-Control-Allow-Credentials:true in the Response Headers otherwise Ember would through an error.

Answer 2

If your authentication server issues a cookie you don't really need an authorizer at all as the browsers will automatically send the cookie with each consecutive request.