Catch editors 'access_token' from httpAdminMiddleware

Daft11 · 26 August 2021 05:32

Good day, ladies and gentlemen. Need your expertise.

With help of other topics from this forum I managed to configure my adminAuth module. It's working great! I chose as an option to pass access_token through editor url query (?access_token=<ACCESS_TOKEN>).

The main question is.
Can i have an access to this token from httpAdminMiddleware? I tried to catch it from request referrer but somehow referrer shows in request without queries.
looks like this: http://127.0.0.1:1880/?
Maybe there is the way to fix this behavior or any other way to store data into current session and then receive it on httpAdminMiddleware.

I would also explain why i need this. On every request from Node-Red to my other server i need to provide some extra headers. I thought to manage it with httpAdminMiddleware and since Node-Red have express maybe you could recommend any better approach (something like express.use() on Node-Red requests)?

TotallyInformation · 26 August 2021 17:10

Have you checked the req.headers?

Both req and res are available to the middleware, the only question is - where in the stack the httpAdminMiddleware sits.

Also, don't forget that that middleware doesn't actually get called all that often because once you've loaded the Editor, you don't necessarily get that many admin web requests.

system · 25 October 2021 17:10

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Accessing the Admin-API General	4	602	6 May 2022
httpAdminMiddleware setting for authentication from parent website General	3	809	14 September 2020
When to use which? RED.httpNode vs RED.httpAdmin Developing Nodes	5	2492	2 July 2020
User context in httpAdminMiddleware? General security	6	627	13 May 2022
Issues using new token attribute in AdminAuth General	9	685	7 September 2020

Catch editors 'access_token' from httpAdminMiddleware

Related Topics