https://github.com/mheiber/experiment-clay-auth

Last synced: 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/mheiber/experiment-clay-auth
Owner: mheiber
Created: 2017-06-28T00:08:32.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2017-06-28T13:17:16.000Z (almost 8 years ago)
Last Synced: 2025-01-30T06:41:28.275Z (4 months ago)
Language: JavaScript
Size: 1000 Bytes
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

This is an example of how we can piggyback on Clay sessions for auth.

- A client-side JS app gets a Clay session by inspecting the cookie when the user is logged in to Clay.
- The client-side JS app sends the cookie in a header to a service that needs auth. The code in this repo shows what the service can do.
- The service checks that the Clay session is valid by asking Clay.
- If the Clay session is valid, the service completes the request successfully, otherwise it sends 403 FORBIDDEN or whatever the right status code is.

The code is running on Heroku and you can try it like this:

```
# For a 403 Forbidden:

curl -X POST https://fierce-bayou-30965.herokuapp.com/

# OR

curl -X POST https://fierce-bayou-30965.herokuapp.com/ -H 'x-clay-auth: invalid_session_key'

# For a 200:

curl -X POST https://fierce-bayou-30965.herokuapp.com/ -H 'x-clay-auth: '

```

To get a valid Clay session:

- In Chrome, log in to Clay on the dev server
- in edit mode, in the Chrome console, in the Application tab, find the value for the clay-session cookie.

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/mheiber/experiment-clay-auth

Awesome Lists containing this project

README