Replies: 1 comment 1 reply
-
|
Rodauth is designed to handle authentication. It is not designed to handle authorization. I apologize, but I don't think I can provide further assistance here. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Thanks, that's what I thought. There's https://github.com/HoneyryderChuck/rodauth-oauth. Do you know that gem? Maybe I'll have time to take a closer look. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello @jeremyevans,
I've been working with rodauth for about a week now and I think it's great. I wonder how you would implement an Authorization Code Flow.
Short description of the use-case:
I have an Authorization Server (rodauth), which should provide a login. If the user logs in successfully, the response contains an authorization code. Then the client is redirected to the resource-server client and continues the login. The resource-server exchanges the authorization code for an access token and sets a http-only cookie, so that the client can consume the resource-server-api.
How to generate the authorization codes, and how to store them for the exchange? Are there rodauth features that offer something like this? How would you go about it?
Thanks
Beta Was this translation helpful? Give feedback.
All reactions