You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2020-01-24 18:57:23
- radexpol
- Member
- From: Poland, Krk
- Registered: 2019-11-29
- Posts: 116
Basic authentication + cookies
Can someone help me implement standard http authentication?
1. End-user send the username+password through the request headers (Authorization: Basic xxxxxxxxxxxx)
2. Server creates the session token and send the create cookie request to the client
3. Every request from client must contain cookie session token
All communication will be secured by https.
Offline
#2 2020-01-24 21:28:31
Re: Basic authentication + cookies
Did you search the documentation?
https://synopse.info/files/html/Synopse … #TITLE_555
Anyway, I wouldn't recommend using Basic Authentication. In any scenario.
See https://synopse.info/files/html/Synopse … #TITLE_542
Either use the mORMot default authentication, or a JWT.
And always with HTTPS/TLS - or at least with our encrypted WebSockets.
Offline
#3 2020-01-25 14:38:11
- radexpol
- Member
- From: Poland, Krk
- Registered: 2019-11-29
- Posts: 116
Re: Basic authentication + cookies
For now I can't change the authentication method in our current system, I would like to migrate from indy http server to mORMot, so that's why I'm asking about default http basic authorization based on token stored in cookies.
Offline
Pages: 1