So I'm working on the web side of a mobile + web app and I'm running into an issue where a request to sync gateway makes the browser do its Basic Authorization prompt dialog if there isn't a valid session.
What I wanted to do was have the app make a call (via swagger) to whatever endpoint the user needs for that part of the app, and if it throws back 401 unauthorized, update the state in the app to bring the user back to the login page clear the old cookie etc .
How do I do web authentication without running into this weird browser popup?
Put sync gateway behind nginx proxy and tweak the responses if its 401 so that the browser won't do the popup?
Maybe there's some way to disable the basic auth headers in config file?
I'm running react, redux, swagger, and the sync gateway is on different host so requests are using CORS.
I've found a similar topic but not really a solution
Is there a way to disable Sync Gateway basic auth requests in browser? Sync Gateway
I recently found out we had the Guest user enabled in our development and production instances. I disabled it since I don't want a bot being able to fill our db with random documents. I now have the problem that sync gateway sends a basic auth 401 response if a user tries to do something on our site and they are not logged in. It is a rare occurrence (e.g. a request takes a long time to get sent and they happen to click Log Out before it is sent) but I don't want users to ever see a confusing ba…
If I enable guest user like in their solution, I'm still not sure how to programmatically determine whether the user needs to log back in.
How do you guys normally handle old/non-existent sync gateway sessions in web app?
Thanks!