Use credentialed requests for password updates #200
Conversation
|
When I try to change my password on this branch, it still errors but now the error is a 405 response. The API doesn't allow PUT for cross-domain requests, it seems.
|
|
I'm happy to leave this bug in the client for the time being, unless there's a burning need to get password reset working on staging. |
There was a problem hiding this comment.
This code now requests a PUT https://pr-6436.pfe-preview.zooniverse.org/users end point which isn't the API. This is a proxy to to the blob store and hence we get the x-ms-error-code | UnsupportedHttpVerb header response / 405 Method Not Allowed HTTP response.
The makeCredentialHTTPRequest needs to provide an API host and path URL to work correctly, not just a path.
Finally I don't think we need the credentialed request for password reset request but we most likely do for the others.
eatyourgreens
force-pushed
the
credentialed-requests
branch
from
6aece2a to
9f15210
Compare
|
I've made those changes and updated the staging branch. Changing your password works now, even if you aren't on the same domain as the API. |
Swap `apiClient.put` for `makeCredentialHTTPRequest` in `auth.changePassword` and `auth.resetPassword`. This should allow those client methods to work even when the client and the API are not on the same origin eg. when using the staging API.
eatyourgreens
force-pushed
the
credentialed-requests
branch
from
9f15210 to
46fdbac
Compare
|
I’ll get these changes out soonish as 5.2.3. |
Swap
apiClient.putformakeCredentialHTTPRequestinauth.changePasswordandauth.resetPassword.This should allow those client methods to work even when the client and the API are not on the same origin eg. when using the staging API.
Closes #199.
I've set up zooniverse/Panoptes-Front-End#6436 to test this branch, so you can try out the changes on https://pr-6436.pfe-preview.zooniverse.org.