Problems with using superlogin on apps

What’s the problem ?

I’ve some problems using superlogin while creating an app with nodewebkit

I’ve used superlogin-demo as a base.

But had to overwrite some parts like the logout in routers and the authorization on the profile refresh.

The main problem is that in superlogin, passeport’s “bearer” and header.authorization on http request are often used to find the user’s session. But it looks like if the server and the client aren’t hosted on the same computer, it doesn’t work.

Here are some “patch” that I used in my fork :

Commit 1 Commit 2

How to repeat the problem, without Nodewebkit ?

1. Clone superlogin-demo
2. Configure superlogin-demo server, and start it with npm start (like said in the Readme)
3. Copy the client part on an apache Server
4. Start the apache server, and access to the superlogin-demo Client by Apache.
5. Remove “<base href="/">” in index.html, and remove the use of $location in src/app.js and src/token/token.js (By passing the problem parts as comment)
6. In src/app.js, configure superloginConfig.baseUrl to set your nodejs server url (Like http://localhost:3000/auth/)
7. Sign-up and/or log-in
8. Try to** log out** and you should have also a 401 error on superlogin-demo Server

{ error: 'unauthorized', status: 401 }
POST /auth/logout 401

1. You’ll have the same problem when you try to access to the user’sprofile. But to see the 401, you have to modify the url of the http.get in src/profile/profile.js and you should see 401 error on superlogin-demo Server. Url sample : http://localhost:3000/user/profile

If you try it in localhost on you computer, you should need to add cors to the nodejs server

I’ll try to easily upload a .zip with the nodejs server and apache client ready, so it’ll be more easy to setup.

I’ve also tried it with a distant server, to see if it’s not the cors and localhost the problem but the same problem occurs.

So, is there a way to solve more easily my problems than my patches ?