I have an Ionic React app, and I want to use Drupal’s session cookie, not Oauth or JWT.
Desired flow
- User logs in inside the Ionic app.
- User does stuff inside the app.
- User sometimes clicks a link to my Drupal site and is still logged in to the site because I am using a Drupal session token.
I have been using OAuth, but the problem with OAuth is that if I click a link to a page on my Drupal site (outside my app), then I am not logged in on that page.
In my case, I really need to be able to easily redirect from inside my app to the Drupal site and stay logged in, so I want to use the Drupal session cookie for this.
Where I’m stuck is how do I get the session cookie from Drupal using Javascript?
The jsonapi documentation gives this example:
`curl --header "Content-Type: application/json" -c cookie.txt
--request POST "http://example.com/user/login?_format=json"
--data '{"mail": "test@example.com", "pass":"password"}'`
However, I only have access to Javascript, not curl, in React. Also, I’m thinking that I may be over-thinking this and there is a really simple way to get the session cookie that I have overlooked.
So, how do I get the login session cookie via Javascript?
Background
I understand that the best practice is “use OAuth 2 or JWT; they are more secure.”
In fact, the Simple Oauth module has good documentation and I managed to set this up on my site using the Drupalize.me react tutorial.
