mirror of
https://github.com/digital-asset/daml.git
synced 2024-09-19 08:48:21 +03:00
update Daml Hub auth in create-daml-app (#9973)
* update Daml Hub auth in create-daml-app Current documentation says the token is passed as a cookie. This is a little bit more secure than passing it as a URL param, as it used to be. Note that while it is no longer documented behaviour, the token is actually still passed as a param (in addition to the cookie), so existing users are not broken (yet). Still, better if the code we generate for them matches our current docs. CHANGELOG_BEGIN CHANGELOG_END * review comment
This commit is contained in:
parent
997a7d449c
commit
0adbbdcd58
1
templates/create-daml-app/ui/.gitignore
vendored
Normal file
1
templates/create-daml-app/ui/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
node_modules
|
@ -43,18 +43,19 @@ const LoginScreen: React.FC<Props> = ({onLogin}) => {
|
||||
window.location.assign(`https://login.projectdabl.com/auth/login?ledgerId=${ledgerId}`);
|
||||
}
|
||||
|
||||
const getCookieValue = (name: string): string => (
|
||||
document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)')?.pop() || ''
|
||||
)
|
||||
|
||||
useEffect(() => {
|
||||
const url = new URL(window.location.toString());
|
||||
const token = url.searchParams.get('token');
|
||||
if (token === null) {
|
||||
return;
|
||||
}
|
||||
const party = url.searchParams.get('party');
|
||||
if (party === null) {
|
||||
throw Error("When 'token' is passed via URL, 'party' must be passed too.");
|
||||
return;
|
||||
}
|
||||
url.search = '';
|
||||
window.history.replaceState(window.history.state, '', url.toString());
|
||||
const token = getCookieValue('DAMLHUB_LEDGER_ACCESS_TOKEN');
|
||||
login({token, party, ledgerId});
|
||||
}, [login]);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user