<div dir="ltr">I'm not very familiar with cowboy but AFAIK generally...<div><br></div><div>The last opportunity to set a cookie over HTTP (e.g. with cowboy's resp functions) is when you do the upgrade to websocket:</div>
<div><br></div><div style>client -> GET /websocket.endpoint</div><div style>server -> Upgrade : ... header; Cookie: header or whatever it looks like</div><div style><br></div><div style>So once you're talking over websocket, it's too late. If you really want to set a cookie and auth over websocket, you can send the cookie over websocket and set it using javascript on the client.</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On 30 January 2013 01:36, Alex Babkin <span dir="ltr"><<a href="mailto:ababkin@gmail.com" target="_blank">ababkin@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi all<div><br></div><div>Imagine an auth protocol over a websocket: client sends credentials, server responds with either success or failure. If success, it should set some persistent state so if the user reloads the page, the session will continue until either logout or some timeout</div>
<div><br></div><div>I'm trying to set a cookie from a websocket handler, such that after a page reload, in the websocket handler init i can try to read back the cookie and check for it's validity and if valid, resume the session without the user needing to login again</div>
<div><br></div><div>here is some code i tried with no success, i.e upon reload, the cookie is no longer there (or perhaps is never getting set by the handler to begin with)</div><div><br></div><div>
<div>websocket_handle({text, Input}, Req, State) -></div><div> lager:debug("stream received ~s", [Input]),</div><div> Req2 = cowboy_req:set_resp_cookie(<br></div><div> <<"auth">>,</div>
<div> [<<"test">>],</div><div> [{max_age, 600}, {path, "/"}, {secure, true}, {http_only, true}],</div><div> Req</div><div> ),</div><div> {ok, Req3} = cowboy_req:reply(200, Req2),<br>
</div><div> {ok, Req3, NewState}.<br></div></div><div><br></div><div>... or alternatively:</div><div><br></div><div><div>{reply, {text, Output}, Req2, NewState}.</div><div><br></div></div><div>
as the last line</div><div><br></div><div>after the socket terminates and i try to reload page i do this in websocket init:</div><div><br></div><div>{Cookie, Req2} = cowboy_req:cookie(<<"auth">>, Req),<br>
</div><div><div><br></div><div>and there are no cookies</div><div><br></div><div><br></div><div>any ideas what i'm doing wrong?</div><div>is this even possible with websocket or do i pretty much have to have a dedicated regular http roundtrip to set the auth cookie?</div>
<div><br></div><div>Thanks</div></div><div><br></div><div><br></div></div>
<br>_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
<br></blockquote></div><br></div>