Hi, I have a peculiar case to handle on react nat...
# general
t
Hi, I have a peculiar case to handle on react native. One of our native integration is making an authenticated call but since we're not in react native land it will not contain the cookie header. I don't know how to retrieve the cookie so that I could include it in that native call?
maybe with
getAccessTokenPayloadSecurely
?
or taking it from async storage maybe?
r
getAccessTokenPayloadSecurely
is in RN land, so it's not available in native land.
so you would have to read from async storage yourself manually and fetch the access token + id refresh token from there. Then add them to the cookies when making the request
t
no but we can pass a message to the native
r
Hmmm. I see.
t
if we can get the cookie content from RN it's fine
r
React native - native land cookie fetching
@User can help with this.
n
@User calling getAccessTokenPayload would not retrieve the cookie headers so that wont work for you. The SDK itself relies on react-native's networking layer for cookie handling so theres no way to fetch the headers manually unfortunately
If it is an option you could try making the request itself from react native's side of things and return the response back to native (if the native module is in your control that is)
Other than that you could try and leverage React Native's native implementation of networking (okhttp on Android and URLSession on iOS) and use their cookie manager for your request too. Ill get back to you with more details on this because ill have to do a deep dive myself but these are the only options I can think of
t
what we're trying now is get the content of sftoken from async-storage and then put its content into the cookie header . that should work too right?
we don't have the option of making that request from RN because it's a 3rd party integration
r
I don't think that the session tokens we generate are stored in async-storage.
is that right @User ?
n
So the front token (sFrontToken) wont work as a cookie header, and yes thats right @User we dont store the session tokens in async storage
r
So one more idea @User is that if you could see which lib the third party integration uses and add interceptors to it, and then in your interceptors, you can make a request to the RN land and then back to the native land. Maybe that should work?
Another idea is to enable JWT in the sessions. This way, the JWT is stored in the async-storage and can be fetched via
getAccessTokenPayloadSecurely
function. Then that can be added as an authorisation bearer token to the request made by the third party, and your APIs would then need to also be able to verify a JWT as an alternate was of doing sessions.
t
ok thanks that's indeed 2 good options
are you sure we can get the access token from
getAccessTokenPayloadSecurely
? it seemed to be only the payload of the JWT without its signature
can't we use directly storage's
sFrontToken
as JWT token ?
r
So the session contains the access token, which is a signed cookie. In that, you have the access token payload which can be fetched via
getAccessTokenPayloadSecurely
. If you enable JWT, we create a separate JWT and put that inside the session's access token payload with the key as
jwt
(by default). So if you do
await getAccessTokenPayloadSecurely()["jwt"]
, you will actually get the JWT string which you can then pass to your backend
t
this is the content I get from getAccessTokenPayloadSecurely :
Copy code
{
  "phoneNumber": "+32468214620"
}
r
Have you enabled JWT on the backend?
t
ah damn no
ok doing this
r
hehe ok
t
so we'll be able to use both JWT and session with this right?
r
Yea
t
So we still don't have a jwt in the getAccessTokenPayloadSecurely in a new login with
Copy code
Session.init({
        jwt: {
          enable: true
        }
      })
could it because of this override?
Copy code
const session = await Session.createNewSession(
                  input.options.res,
                  user.id,
                  {
                    // we are adding the phoneNumber to the access token payload.
                    // This will also be accessible in all API calls + on the frontend.
                    phoneNumber
                  },
                  {}
                );
r
hmm. That's odd
Can you please open a github issue about this and we shall have a look asap
n
What output do you get when you call get access token payload?
Also what sdk and version are you using for the backend?
t
oh wait it was a brainfart we actually have it !
sorry about this
r
oh great!
n
Glad it works!
t
yes I can confirm it totally works! awesome
thx for your help and super quick reaction 💪 💪 💪
2 Views