
Correlate frontend and backend session

Open GhaziTriki opened this issue 2 years ago • 3 comments

Currently for every HTTP call, separate sessions are created whether the user is authenticated or not.

We need to handle this with a single session if there is no authenticated user. The session of the authenticated users looks good, but it needs a double check.

Question asked to F3 community here https://fatfreeframework.slack.com/archives/C2TCAG2HH/p1648065713912149

GhaziTriki avatar Mar 25 '22 19:03 GhaziTriki

Decisions after a team meeting:

  • Create a new TS function to check the PHPSESSID from the local storage. If not found it will not send it, however it will store the new PHPSESSID in the local storage.
  • Always put the PHPSESSID in all API calls using axios.
  • Filter incoming API responses in axios to disconnect when a specific HTTP status is returned.
  • We will not use JWT for now.

GhaziTriki avatar Apr 07 '22 12:04 GhaziTriki
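
The three client-side decisions listed above, sketched as an added TypeScript example (not code from the bbbeasy repository). The header name `x-session-id`, the 401 status, delivery of a new id in a response header, and the `logout()` call are assumptions, since the issue does not specify them.

```typescript
interface KeyValueStore { // window.localStorage satisfies this in a browser
  getItem(key: string): string | null;
  setItem(key: string, value: string): void;
  removeItem(key: string): void;
}

const STORAGE_KEY = "PHPSESSID";
const SESSION_HEADER = "x-session-id"; // hypothetical header name (assumption)
const DISCONNECT_STATUS = 401;         // assumed "specific HTTP status"
type HeaderMap = Record<string, string>;

// Request side: attach the stored id if present, otherwise send nothing.
function withSession(headers: HeaderMap, store: KeyValueStore): HeaderMap {
  const id = store.getItem(STORAGE_KEY);
  return id ? { ...headers, [SESSION_HEADER]: id } : { ...headers };
}

// Response side: returns true when the caller must disconnect the user.
// On disconnect the stored id is dropped so it is never replayed.
function onResponse(status: number, headers: HeaderMap, store: KeyValueStore): boolean {
  if (status === DISCONNECT_STATUS) {
    store.removeItem(STORAGE_KEY);
    return true;
  }
  const issued = headers[SESSION_HEADER];
  // Store only values shaped like a PHP session id (22-256 chars of [A-Za-z0-9,-]).
  if (issued && /^[A-Za-z0-9,-]{22,256}$/.test(issued)) {
    store.setItem(STORAGE_KEY, issued);
  }
  return false;
}

// In-memory store so the functions can be exercised outside a browser.
function memoryStore(): KeyValueStore {
  const m = new Map<string, string>();
  return {
    getItem: (k) => m.get(k) ?? null,
    setItem: (k, v) => { m.set(k, v); },
    removeItem: (k) => { m.delete(k); },
  };
}

// Wiring with axios interceptors (not executed here; logout() is hypothetical):
//   api.interceptors.request.use((c) => {
//     Object.assign(c.headers, withSession({}, localStorage)); return c; });
//   api.interceptors.response.use(
//     (r) => { onResponse(r.status, r.headers, localStorage); return r; },
//     (e) => { if (e.response && onResponse(e.response.status, e.response.headers,
//       localStorage)) logout(); return Promise.reject(e); });
```

Anything kept in local storage is readable by every script running on the origin, so the stored id is only as safe as the frontend's script integrity.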

Need to fix #369 first.

GhaziTriki avatar Jan 24 '23 08:01 GhaziTriki

After a discussion with the team @CherifAmine @marwa-benhassine we found the following issues:

  • After the expiration of the session duration, the logout is still not implemented
  • After changing the administrator name from the users page, all the requests from the backend return a 404 error

hanazarraa avatar Sep 12 '23 14:09 hanazarraa