ExtJS Default Headers (token authorization) Page Refresh

Question

I have my ExtJS application that on success login I set an Authorization Token so I can send that on every Ajax Call to my server:

success: function (response, opts)
                {
                    var obj = Ext.decode(response.responseText);

                    // set authToken
                    util.Util.authToken = obj.data.SessionId;

                    Ext.Ajax.defaultHeaders = {
                        'Authorization': 'Token' + obj.data.SessionId
                    };

It's working great. Now I implement Ext.ux.Router so I can refresh my browser and I can stay where I was, but I realize that when my browser refresh I loose my defaultHeader token.

Any clue on how to solve this?

score 0 · Accepted Answer · answered May 02 '14 at 20:38

0

What about save this SessionId in cookie? And if it exists - use it, otherwise send request.

answered May 02 '14 at 20:38

Andron

6,413
4
43
56

Do you recommend to encrypt that session on the cookie? – VAAA May 03 '14 at 16:54
You know - the best way is to be to protect your session to be stolen. That's why it is a good idea to set session cookies as [httponly](http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-httponly). So the best way is to don't do as you want :) I don't see any advantages to encrypt that `SessionId` in that cookie. – Andron May 03 '14 at 17:10

ExtJS Default Headers (token authorization) Page Refresh

1 Answers1