I'm using express and passport (100% https) with a basic local session/cookie strategy and I'm trying to allow users to submit a request to capture their view, save the image server-side, and then res.download(). The problem is I need Phantom to authenticate & authorize based on the person sending the request. When I send a request to Phantom, it only captures the login page because isn't authenticated.I think I'm hitting a brick wall because it seems like the root of my problem is not using JWT, which might make it easier to authorize Phantom to behave as the user.My other option seems to be making the user type in their password on every Phantom request, which would make Phantom post to a login route and forward to the desired view for capturing. It seems like I could take the user's password and then use something like Slimer or Casper to log the user in. However, that seems like a situation I wouldn't want to get myself into (source).Does anyone have any suggestions on how I can achieve a secure screen capture without much additional overhead? Thanks for your time!
Submitted March 07, 2016 at 04:15PM by sdawson26
No comments:
Post a Comment