WebHare community

Support for request-less WRDAuth logins is considered for deprecation

Running into

Support for request-less WRDAuth logins is considered for deprecation.

while building a test script.

I know that

(*IFVERSION >= 42700*)
LOADLIB "mod::wrd/lib/internal/auth/legacy-api.whlib";
__wrdauth_allow_requestless_login := TRUE;
(*END*)

solves it, but is there a better solution?

solves it, but is there a better solution?

It depends on your use case.

If you want to test a RPC or site that requires wrdauth, you could invoke it through a browser (which implements cookies). If you want to test an API directly and are just doing a fake login, you could also change the API to just take a user id as parameter.

If you use wrdauth in a test, what we’ve seen it’s often used as a very complex way to basically have a global variable ‘loggedin userid’. So just declare that global variable and set it directly in your tests without involving wrdauth? You’re not testing any of the cookie-setting and redirections wrdauth requires, so what you’re testing doesn’t really represent anything related to wrdauth

But wrdauth is full of workarounds to make it work without a request, and those workarounds regularly break.

Ok, thanks, I’ll do that then.

1 Like

You might actually be the only one known remaining user of it then… (we used it in one or two places, but switched to the “API with login id” approach)

Safe to remove now ?

Sure, no problem!