legolas8911
12/04/2022, 11:37 AMrp
12/04/2022, 12:21 PMlegolas8911
12/04/2022, 2:03 PMrp
12/04/2022, 2:41 PMX
and putting Y in the access token payload so that you can switch to user Y later on if needed.legolas8911
12/04/2022, 2:44 PMrp
12/04/2022, 2:46 PMawait Session.getSession(input.req, input.res)
legolas8911
12/04/2022, 2:46 PMrp
12/04/2022, 2:46 PMinput.options.req
and input.options.res
legolas8911
12/04/2022, 2:46 PMrp
12/04/2022, 2:47 PMlegolas8911
12/04/2022, 2:47 PMrp
12/04/2022, 2:48 PMgetSession
function in the login API instead with input.options.req
and input.options.res
input.userContext.session = session
input.userContext.session
in the createNewSession
overrideawait getSession(input.userContext._default.request, input.res)
legolas8911
12/04/2022, 2:49 PMrp
12/04/2022, 2:49 PMawait getSession(input.userContext._default.request, input.res, {sessionRequired: false})
legolas8911
12/04/2022, 2:50 PMrp
12/04/2022, 2:52 PMlegolas8911
12/04/2022, 2:52 PMrp
12/04/2022, 2:53 PMrid
header in itlegolas8911
12/04/2022, 2:53 PMrp
12/04/2022, 2:53 PMinput.userContext._default.request
?legolas8911
12/04/2022, 2:54 PMrp
12/04/2022, 2:54 PMlegolas8911
12/04/2022, 2:54 PMrp
12/04/2022, 2:55 PMrid
as thirdpartyemailpassword
legolas8911
12/04/2022, 2:55 PMrp
12/04/2022, 2:55 PMlegolas8911
12/04/2022, 2:55 PMrp
12/04/2022, 2:56 PMlegolas8911
12/04/2022, 2:57 PMrp
12/04/2022, 2:58 PMgetSession
functionlegolas8911
12/04/2022, 2:58 PMrp
12/04/2022, 2:58 PMgetSession
protects against CSRF using this rid
header.legolas8911
12/04/2022, 2:58 PM