March 2018
Beginner to intermediate
410 pages
10h 40m
English
Now that our web services are protected, we need to update our JavaScript to match this change. We begin by getting the current session token, as follows:
var SessionToken = null;
function GetSessionToken()
{
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function ()
{
if (xhttp.readyState == 4)
{
if (xhttp.status == 200)
{
SessionToken = xhttp.responseText;
window.setInterval(RefreshGauge, 2000);
}
delete xhttp;
}
};
xhttp.open("POST", "/GetSessionToken", true);
xhttp.send("");
}
GetSessionToken();
When we have the token, we only need to add it to requests being made, using the BearerAuthorization header, to pre-empt the WWW-authentication step, as follows:
xhttp.open("GET", "/Momentary", true); ...Read now
Unlock full access