For my first discussion, I would like to start by congratulating the FuelPHP team for their remarkable work. I have been using FuelPHP since 2015, and I am generally very satisfied with it, even though some subtleties still escape me.
I would also like to contribute to the project on GitHub and make my own contribution. However, I prefer to wait until I have acquired more skills to do so effectively. Many thanks to the entire team for this amazing framework!
Here is my problem:
I usually use SimpleAuth as an authentication system, with a classic form and a standard HTTP request. Now, I want to adopt a more modern approach by using an AJAX HTTP request, with a form embedded in a modal box.
However, I am stuck after the user logs in on the server: I don’t know how to send the necessary information to the client for them to be authenticated. I believe it’s a cookie-related issue, as the fuelcid cookie, which I usually get with the standard method, is not being generated or transmitted. I’m not sure how to resolve this problem.
Thank you very much for your help and attention!
Code below
<Javascript>
document.addEventListener('DOMContentLoaded', function () {
document.getElementById("userConnectModal").querySelector('form').addEventListener('submit', function (event) {
event.preventDefault();
var data = this;
// form action user/connect
fetch(data.getAttribute('action'), {
headers: {'X-Requested-With': 'XMLHttpRequest'},
method: data.getAttribute('method'),
body: new FormData(data)
})
.then(response => response.text())
.then(response => {
if (response == 'Auth') {
//window.location = 'index.php';
}
console.log(response);
});
});
});
</Javascript>
<PHP>
public function action_connect()
{
if (Input::is_ajax() && Input::method() == 'POST')
{
if (Auth::login())
{
var_dump(Auth::check()); // Return true
var_dump(Session::instance()); // I can see that a session instance is correctly created, with a hash_login, when I check the developer console.
There should be no difference between a "traditional" login system (using a posted login form), and a login using an AJAX request, both should use the same session data.
There is nothing to send yourself, as soon as your backend does a valid Auith::login(), the session data is set automatically.
I suggest you start with the browser debug window, network tab, and check what exactly is requested, and what in is the response headers.
And check the session storage tab too, to see if the cookie is stored.
I understand you're using cookie storage without a server-side backend for your sessions. In that case, make sure you don't store much data in the session, there is only limited space in a cookie, even less so after the data is encrypted.
Donate
