v.1.0.92
PricingBlog
Sign up
Open app
All topics

How does the system send the right info in Bearer for auth?

  • rscott-1198708936006709258

    Bishop

    2 years ago

    It's unclear where it gets its information, this video explains.
  • lucasg-1198709803334238289

    Lucas G

    2 years ago

    toddle has some undocumented features for handling user session stuff automatically, it even has a logout endpoint that we can use
  • they'll document it at some point lol
  • Andreas would be a good person to answer this
  • andreasmoller-1198710931023208448

    Andreas Møller

    2 years ago

    You basically did everything right. But your access_token is currently just set to “access_token” when you set the session cookies
  • It should be the token you get from the server when you sign in
  • Lucas is right that these features are purely documented:)
  • rscott-1198714361607372881

    Bishop

    2 years ago

    i see s basicaly this, but assuming i had entered the right info. It sounds like 'Access token' is a special cookie we don't need to be specific about
    1198714361389265069-Screenshot_2024-01-21_at_1.42.00_PM.png
  • rscott-1198714721008889876

    Bishop

    2 years ago

    there's nothing more to do here as long as Access token is assigned the returned data properly
    1198714720820150373-Screenshot_2024-01-21_at_1.43.17_PM.png
  • rscott-1198715251483484160

    Bishop

    2 years ago

    caught it
    1198715251261190286-Screenshot_2024-01-21_at_1.45.55_PM.png
  • 767452073251438612-@Bishop
    caught it
    lucasg-1198715587648557158

    Lucas G

    2 years ago

    Make sure you also select that "auth_token" from the API data
  • So you pass in just the value and not the full object
  • Hope that makes sense
  • But yeah, that's all you have to do
  • rscott-1198716483254108231

    Bishop

    2 years ago

    i see, not this
    1198716482964689107-Screenshot_2024-01-21_at_1.50.56_PM.png
  • but this
    1198716507656568913-Screenshot_2024-01-21_at_1.51.00_PM.png
    👍1
  • rscott-1198717465350393967

    Bishop

    2 years ago

    But then how do I detect if its set, elsewhere? I'm trying to put into the main app to show login if auth token isn't set and this doesn't do it, do i need to set an additional variable in order to detect if they are or aren't logged in?
    1198717465119690831-Screenshot_2024-01-21_at_1.54.10_PM.png
  • lucasg-1198719073446535239

    Lucas G

    2 years ago

    Session storage is separate from session cookies
    1198719073073233971-Screenshot_2024-01-21_at_3.01.15_PM.png
  • lucasg-1198720843946139749

    Lucas G

    2 years ago

    Just checking if it's set isn't the safest though since the token could be expired
  • I'm not sure if toddle automatically clears the cookie value on expiry
  • lucasg-1198721333425602620

    Lucas G

    2 years ago

    I imagine safest thing is just to do a session check to your backend
  • rscott-1198730716435976253

    Bishop

    2 years ago

    ok so it sounds like 'dont worry about the cookie, just ask the back end to produce an error if auth fails'
  • and protect all the apis that have private info
Leave a comment
Nordcraft Co-Founders Kasper Svenning Hansen and Andreas Møller

Chat with Nordcraft

Chat with the Nordcraft team

Nordcraft Co-Founder and CEO Andreas Møller

Call our CEO

Plan a video call with Andreas

Hi Nordcraft!

Write Nordcraft

Send us an email

BlogPricingDocumentationhello@nordcraft.com
RoadmapPress KitTerms & ConditionsPrivacy PolicyAffiliate
© Nordcraft 2025. All rights reserved.