How to add credentials to a Hono client?
I see hono documentarion unfortunately lacks a lot of information on how to use it appropriately, and It's no different with this piece of information, so I'd like to know how to or if it's even possible to make authentication via cookies. Can anyone help me?
11 Replies
does this help? https://hono.dev/docs/helpers/cookie
hono also comes w basic + bearer auth middleware
and there are hono integrations for a variety of auth services
I need a way to include credentials in the frontend, because I'm actually getting/setting cookies in the backend, but for some reason it sets but doesn't seem to be getting it, or at least it doesn't recognize it somehow, because it always throws an unauthorized route error. My API call only worked when I used a normal fetch with the option credentials included, or when it wasn't a cross-site request, that's why I think the problem is the lack of credentials included
i'm not sure i follow all of this
if you have a concrete/specific problem, could you share:
- what your current setup is
- what you're trying to accomplish
- what isn't working as expected?
and some snippets will probably be helpful
It's simple. I want to access authenticated routes, but whenever I try to access an authenticated route the authentication doesn't work and it returns 401 unauthorized (the message I configured to when it can't authenticate).
I don't quite understand why, but I know it works when it's in the same route/port or something like this, but as soon as I change for different ports or sites it doesn't work. Adding the
credentials: include to the fetch function and some other configurations in the backend made it work, but I don't see any credentials: include option in Hono, and that's all I need and want to make these routes work cross-site.
You can take a look at the repo if you want to here
https://github.com/AmodeusR/expense-trackerthere's no such thing as "simple" when it comes to code
Well.. it was simple with the fetch function
it might have felt simple to implement, but there's still a lot going on
i still don't really understand what issue you're experiencing. it sounds like you've set up a cookie-based auth route, but you're running into cors issues
that's probably where i'd start
but tbh, the answer to your issue is probably hidden in all the details you're omitting
The cors are already allowed, the cors error is different from a 401 unauthorized error that as I said I myself configured to happen if the authentication fails. I already shared the repo, so there's nothing more I'm omitting, the only thing I wanted was a way to add the option I said I wanted, since such option made things work with the javascript fetch function, so it'd likely make hono work as well
As I said previously, I'm making authentication via cookies, but the cookies aren't being sent because it's a cross-site connection and to make the cookies be sent the fetch function needs the
credentials: include added to it, hence I came here to know how to add it to the hono client function, because I don't want to use the fetch function, but the actual honojs clienthere are the hono docs RE initializing RPC requests: https://hono.dev/docs/guides/rpc#init-option
the hono docs are actually fairly comprehensive. they're not always super clear, so you do have to read them closely
but idk that i've actualy come across anything that wasn't documented at all yet
as w any newer/bleeding edge tech, a little patience goes a long way
That was exactly what I needed. The init option is where I can put the
credentials: "include" option and it worked now. Thanks for you help and time!
About the hono docs, it's reasonably organized and simple, but it really lacks in profundity and clarity. As you see, I couldn't find what I needed and I would never, because the only thing I knew is that I needed to add the said option, but I'd never find it even if I searched for it because there is nothing stating anything about credentials in Hono Docs.
Sure it might be a lack of knowledge of my part, but I've tinkered with other docs in the past that I knew zero things about the tech I was using, and even then I could do exactly what I wanted. I was just hoping I would get a nice experience like that and not be frustratingly stuck in a problem that I know is simple, but I simply can't overcome it because of pure lack of accessibility of knowledge.i agree that there are places where the hono docs could be clearer or more thorough. to some degree, that's the name of the game on the bleeding edge
but hono is also built to be super flexible, which makes it impossible to cover every possible case
my recommendation is to read through the relevant hono docs thoroughly when working with a new helper or middleware
in your case, you knew that you were using RPC, so reading the RPC guide seems like a natrual choice
the hono docs definitely aren't enterprise-scale, and like the framework itself, some work is left to the developer
this is the tradeoff imo: hono gives you more freedom/flexibility, but that means developers have to handle what hono doesn't