How to send an authorization header in Server Connect from Client to Server (node.js)?

Wappler General
#1

TLDR; how do I send an authorization header from client to Server Connect Actions?

I’m creating an electron app that will connect to an “API” server. I am also integrating with auth0 (not sure if I want to do this long term, but using it for now. Hoping it doesn’t cause too many headaches while using Wappler).

I followed the steps outlined here to integrate auth0 with the Electron app and API Server.

To start, I am initially presented a logon window.

image
image1238×856 32.4 KB

Once I’ve authenticated the main app window displays.

image
image981×739 28.4 KB

I can then press the “Get Private Message” button to validate that the secure endpoint is accessible.

image
image984×744 30.4 KB

This is the main code on the server that is being used.

app.use(jwt({

    // Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint.

    secret: jwksRsa.expressJwtSecret({

        cache: true,

        rateLimit: true,

        jwksRequestsPerMinute: 5,

        jwksUri: `https://${envVariables.auth0Domain}/.well-known/jwks.json`

    }),

    // Validate the audience and the issuer.

    audience: envVariables.apiIdentifier,

    issuer: `https://${envVariables.auth0Domain}/`,

    algorithms: ['RS256']

}));

app.get('/private', (req, res) => res.send('Only authenticated users can read this message.'));

Now I want to expand this to all Server Connect actions (i.e. GET, POST). I believe the only thing I need to do is send the Authorization header in the Server Connect actions on the client, but I’m not sure how to add them. Is this possible or am I going about this the wrong way?

image
image443×853 23.4 KB

Server Connect vs REST API -- why use one over the other?
#2

@JonL I think you were working on something that required headers as part of the server connect. Did you figure it out? If so, do you know the steps required?

#3

In my case it was setting the headers content type in the response. Not on the request.

#4

Damn, so near and yet so far.

We can add request headers.
We can set a hardcoded value.
We can set a dynamic value… but those values aren’t the normal dynamic options (see screenshot).

I would have expected to see session objects available here.

Capture
Capture562×790 20.2 KB

Andy

#5

Are you sure you are not confusing browser sessions with server sessions?
If you want to use server sessions you should first define them under globals and they will be available in the date picker.

#6

Ok god I’m such a twat! Working + home-schooling + trying to get my head round this project = frazzled brain.

Thanks Teodor. We can include session data on client-side API requests

And such a quick response as well! :slight_smile:

Regards,
Andy