Set Authorization headers for backend requests(solved)

Reply to Set Authorization headers for backend requests(solved) on Wed, 02 Mar 2022 15:26:44 GMT

legendariusx — Wed, 02 Mar 2022 15:26:44 GMT

Is it possible to add Authorization headers to all outgoing request from colyseus/Client (ts implementation)?
I have an API gateway that's secured through OpenID-Connect and would like to move my colyseus server behind it so I can use the same users as for my other services.
In the official documentation I've only found the possibility to add an accessToken for an FB login on the .login() method but maybe I've missed something.
Specifically I'm wondering about the POST to /matchmake as well as the GET for the session.

Thank you very much for this great tool and your assistance!

Reply to Set Authorization headers for backend requests(solved) on Mon, 28 Feb 2022 16:06:14 GMT

Wenish — Mon, 28 Feb 2022 16:06:14 GMT

Hey probably kinda depends on the specific setup you have.
But in the room in the "onAuth()" callback you can access the header via the request object you get.
so on client side set the header with your accessToken
https://docs.colyseus.io/colyseus/server/room/#onauth-client-options-request

then for /matchmake or sessions endpoints i would add a express middleware
https://expressjs.com/en/guide/using-middleware.html

this would work if you use the express setup for the colyseus server:
https://docs.colyseus.io/colyseus/server/api/#optionsserver

also you have have to set on client side the header with some sort of intercepter
this doc helps if you develop you client for the web:
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest

Reply to Set Authorization headers for backend requests(solved) on Invalid Date

legendariusx — Invalid Date

Hey, thank you very much for replying to my question.
The last link you provided would be what I'm looking for but it seems this is only possible for browser Add-ons and not a web application.
I looked at the colyseus.js Client implementation https://github.com/colyseus/colyseus.js/blob/master/src/Client.ts and it seems like the package used is httpie which is very lightweight but does not provide interception (possibility to add headers before any request is sent).

So here's what I'm trying to do:

For this to be possible, the authorization needs to happen when the request gets to the API gateway. This means that the Authorization header would need to be present on the POST to /matchmake as well as the subsequent GET where the session is requested.

This use case does not seem to be possible with the current implementation of the colyseus.js package.
Are you interested in providing this functionality, i.E. is this something that warrants a feature request/PR?

Reply to Set Authorization headers for backend requests(solved) on Invalid Date

Wenish — Invalid Date

true i sent a link to add-ons. i meant to sent a link for service workers
https://stackoverflow.com/questions/43813770/how-to-intercept-all-http-requests-including-form-submits#:~:text=js file (the actual service,function(event) { event.

Reply to Set Authorization headers for backend requests(solved) on Invalid Date

legendariusx — Invalid Date

Thank you!