See #1108: support using OAuth instead of JWT in front when logging in to a different domain (!1127) · Merge requests · funkwhale / funkwhale

Agate requested to merge 1108-oauth into develop May 18, 2020

When trying to login with the SPA on a different domain (typically happens in development when pointing the frontend to a different domain), use Oauth instead of JWT:

Create an OAuth app and redirect user to authorization screen on the api domain
Handle redirection and store oauth app/credentials
Use oauth Bearer token instead of JWT for authentication when doing ajax requests
Refresh oauth token transparently when it is expired, via axios-auth-refresh

See #1108: support using OAuth instead of JWT in front when logging in to a different domain

Merge request reports