5

Do I need to do anything special concerning sessions/authentication? My server can't see my session after I login via restangular post method. The login is successful, but no sessions are being seen on the server afterwards. If I login with a normal post outside and then try to request a page, it works fine. I also notice that chrome is sending along the following in the headers:

Cookie:_rexbro_session=g2wAAAABaAJkAAxjdXJyZW50X3VzZXJhAmo=--E0687A67DBE48DA40B6957CBCF6E83FB0E612660

This is not being sent via restangular requests.

I should also mention that when I login via restangular, the server is responding with the following header:

set-cookie:_rexbro_session=g2wAAAACaAJkAAxjdXJyZW50X3VzZXJhAmgCZAAEdXNlcmgIZAASRWxpeGlyLlVzZXIuRW50aXR5ZAALRWxpeGlyLlVzZXJhAm0AAAASYXZvaWRpYW1AZ21haWwuY29tbQAAAA1KYXlzb24gQmFpbGV5bQAAADwkMmEkMTAkNHNsQVFFRGRDcXd1R3JNNVYwOXBTLkx3MHpVeElNLy5tbVM2eTVmc3BFa3NUbHhuTUtiMzJoB2QAFEVsaXhpci5FY3RvLkRhdGVUaW1lYgAAB91hBGEcYRFhD2EUaAdkABRFbGl4aXIuRWN0by5EYXRlVGltZWIAAAfdYQVhA2EVYR5hFmo=--D3F8D9A8355421B8571DB691ED5C082AD183B034; path=/; HttpOnly

but I don't see anything being done with it.

Thanks in advance.

EDIT: I should have stated that my server storing the session, the api server, is separate from the server serving the frontend.

Jayson Bailey
  • 994
  • 10
  • 23
  • Looks like your server is setting the cookie on the client OK and the client is attempting to send it back. Do you have multiple application servers? Can you validate that the second request contains the cookie and hits the correct server (the one with your session) on your second request? I had a problem with a load balancer not recognizing cookies set via XHR. I had to do a full HTTP reload when setting the cookie to get the LB to keep my http requests going to the right server instead of going round robin across the farm. – pherris Feb 10 '14 at 19:26
  • I ended up just switching to token authorization. It because much easier and is working great. – Jayson Bailey Feb 11 '14 at 19:55
  • @JaysonBailey - do you have any sample code on how you implimented token auth for restangular? any snippets you could post would be awesome. im at that point now where i need to add auth to my restangular setup – timh Mar 21 '14 at 07:54

1 Answers1

5

I think your are looking for this: 

RestangularProvider.setDefaultHttpFields({
    withCredentials: true
});

add this lines to app.config

VinEzhu
  • 57
  • 1
  • 6
  • This config tells Restangular (or the $http object behind the scene) to include the `Access-Control-Allow-Credentials` header in the requests. Read [this thread](http://stackoverflow.com/questions/24687313/what-exactly-does-the-access-control-allow-credentials-header-do) for what this header does. – Justin Lau Feb 02 '15 at 11:18