I was wondering how I can establish a full foreman user session from my
single page web app. I can use basic authentication but that means I have
to send the credentials for every request (and on page reload I would lose
the information). I was playing around and tried to make post requests to
/users/login via javascript - without success. I got something working by
adding to my own login page a hidden iframe pointing to /users/login. When
user hits login I put the user credentials into hidden iframe
foreman-login-page and submit it. This is obviously not a really nice
solution - but works
Another solution would be to serve the static content directly via foreman
(no idea how to do that), but how would I force the browser to go to my app
instead of foreman?
Do you have any other solution in mind?
Is it planned to provide a v2 api for login anytime? With a API I could for
example receive a session id and write the needed cookie myself.
Side nodes:
static app will be server from same server -no crossdomain or trust
issues (just extended https conf)
> HI All,
>
> I was wondering how I can establish a full foreman user session from my
> single page web app. I can use basic authentication but that means I have
> to send the credentials for every request (and on page reload I would lose
> the information). I was playing around and tried to make post requests to
> /users/login via javascript - without success. I got something working by
> adding to my own login page a hidden iframe pointing to /users/login. When
> user hits login I put the user credentials into hidden iframe
> foreman-login-page and submit it. This is obviously not a really nice
> solution - but works
I believe you should be able to get a session for basic authentication -
then keep on requesting things using that session. The Ansible inventory
does that:
> Another solution would be to serve the static content directly via foreman
> (no idea how to do that), but how would I force the browser to go to my app
> instead of foreman?
>
> Do you have any other solution in mind?
> Is it planned to provide a v2 api for login anytime? With a API I could for
> example receive a session id and write the needed cookie myself.
I don't think anything is planned
···
On 02/08, Daniel Kuffner wrote:
Side nodes:
static app will be server from same server -no crossdomain or trust
issues (just extended https conf)