See #1108: support using OAuth instead of JWT in front when logging in to a different domain
See #1108 (closed)
When trying to log in with the SPA on a different domain (typically happens in development when pointing the frontend to a different domain), use OAuth instead of JWT:

- Create an OAuth app and redirect user to authorization screen on the API domain
- Handle redirection and store OAuth app/credentials
- Use OAuth Bearer token instead of JWT for authentication when doing AJAX requests
- Refresh OAuth token transparently when it is expired, via axios-auth-refresh
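
A sketch of the last two steps (Bearer header plus transparent refresh on a 401), added here as an illustration; it is not code from this change and does not use axios or axios-auth-refresh. The in-memory API, `createFakeApi`, `createClient`, the paths and the token values are constructed assumptions.

```javascript
// Added example: constructed in-memory API, no network. All names are hypothetical.
function createFakeApi() {
  const state = { valid: "access-1", refreshCalls: 0 };
  return {
    state,
    // Protected resource: accepts only the currently valid Bearer token.
    async request(path, headers) {
      return headers.Authorization === `Bearer ${state.valid}`
        ? { status: 200, body: `ok ${path}` }
        : { status: 401 };
    },
    // Token endpoint: exchanges the refresh token for a new access token.
    async token(refreshToken) {
      if (refreshToken !== "refresh-1") return { status: 400 };
      state.refreshCalls += 1;
      state.valid = `access-${state.refreshCalls + 1}`;
      return { status: 200, access_token: state.valid };
    },
  };
}

function createClient(api, credentials) {
  let refreshing = null; // shared promise while a refresh is in flight
  async function refresh() {
    const res = await api.token(credentials.refreshToken);
    if (res.status !== 200) {
      credentials.accessToken = null; // drop unusable credentials, force a new login
      throw new Error("token refresh failed");
    }
    credentials.accessToken = res.access_token;
  }
  return async function get(path) {
    const send = () =>
      api.request(path, { Authorization: `Bearer ${credentials.accessToken}` });
    const res = await send();
    if (res.status !== 401) return res;
    // Concurrent 401s share one refresh call instead of each triggering its own.
    refreshing = refreshing || refresh().finally(() => { refreshing = null; });
    await refreshing;
    return send(); // retried once; a second 401 goes back to the caller
  };
}

async function demo() {
  const api = createFakeApi();
  const credentials = { accessToken: "access-1", refreshToken: "refresh-1" };
  const get = createClient(api, credentials);
  api.state.valid = "access-rotated"; // simulate expiry of the stored access token
  const results = await Promise.all([get("/a"), get("/b")]);
  return { statuses: results.map((r) => r.status),
           refreshCalls: api.state.refreshCalls, token: credentials.accessToken };
}
```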