laravel-gdpr icon indicating copy to clipboard operation
laravel-gdpr copied to clipboard

Published 20 hours ago verified publisher icon sander3

Data download usage with Inertia

Open alessiovietri opened this issue 3 years ago • 7 comments

Hello,

Is it possible to implement data download inside a Laravel-Inertia application?

Thanks a lot in advance

alessiovietri avatar Dec 09 '21 16:12 alessiovietri

Hey alessiovietri,

Sure! I don't think you'll be able to wire a full size ZIP file using Inertia itself, but you could add a link in one of your Inertia templates using https://inertiajs.com/links

sander3 avatar Dec 09 '21 18:12 sander3

Hi, Thanks for your quick answer. The problem is that when I send the post request (with the correct auth middleware), the response contains the login page and not the file to be downloaded. This is my route, accessed by an axios GET request:

Route::get('/download-data', function () {
        $response = \Http::post('http://website.test/gdpr/download', [ Auth::user()->password, ]);
        return $response;
    })->name('download-data');

Is this correct?

alessiovietri avatar Dec 09 '21 18:12 alessiovietri

Yes, that's correct. Since your Laravel application uses hashing (that's by default and really should not be disabled haha) the stored password doesn't match the actual plain text version. If you'd like to roll your own auth or disable the re-auth you can change the GDPR config file: https://github.com/sander3/laravel-gdpr/blob/master/config/gdpr.php

If you do want to use re-authentication, you should post the plain text version of the user's password to the gdpr/download endpoint.

sander3 avatar Dec 10 '21 09:12 sander3

Ah ok, so it's only a problem of hashing. I'll try with plain text password, thanks again!

alessiovietri avatar Dec 10 '21 12:12 alessiovietri

No, it's not working. I tried passing the password with the same code as before (but with plain text):

$response = \Http::post('http://website.test/gdpr/download', [ 'password' ]);

Tried also using withToken() function:

$response = \Http::withToken(csrf_token())->post('http://website.test/gdpr/download', [ 'password' ]);

And using withAuth() function too:

$response = \Http::withAuth('[email protected]', 'password')->post('http://website.test/gdpr/download', [ 'password' ]);

It always opens my login page. Any suggestion?

alessiovietri avatar Dec 10 '21 13:12 alessiovietri

It opens your login page due to a validation exception redirect.

Try passing ['password' => 'YOUR_PASSWORD_HERE'] instead.

sander3 avatar Dec 10 '21 14:12 sander3

I tried, but nothing changed

alessiovietri avatar Dec 11 '21 08:12 alessiovietri