Responses to the discussion on Github - Thread 2
flofleche255d ago
Hi @Fl4zher ,
You can definitively add httpOnly cookies from the Strapi server-side by extending the users-permissions plugin (cf. https://strapi.io/documentation/3.0.0-beta.x/concepts/customization.html#plugin-extensions).
Then once you’ve extended it to your needs, it is possible to transform the Graphql Schema accordingly (cf. https://strapi.io/documentation/3.0.0-beta.x/plugins/graphql.html#customise-the-graphql-schema).
I’ve made it work for me but you’ll have to dig up a little in KoaJS documentation to set cookies properly from the users-permissions controllers (cf. https://koajs.com/ and search there for ctx.cookies.set(name, value, [options])).
Also you should be careful of setting up CORS parameters correctly depending on your project’s hosting configurations (I am using Nginx proxies with different subdomains for the client and the api).
I can’t say for sure that I’ve implemented it the best way, but I can tell you that it is possible to achieve this goal for your own project by using the extending capabilities that Strapi offers.
devskope168d ago
How can I alter the users-permissions graphql schema, after implementing auth cookies, I want to override some schema types and resolvers.
See #6989