-
Notifications
You must be signed in to change notification settings - Fork 0
SFU CAS CSSS Auth notes
Gabe edited this page Aug 24, 2024
·
1 revision
When a user logs into the sfucsss.org website, they start on the page https://sfucsss.org/<current-page>, then click on the login button. They are sent along the following path of links:
-
https://cas.sfu.ca/cas/login?service=https://api.sfucsss.org/login%3Fnext%3D<current-page>(%3Fnext%3D<current-page>==?next=<current-page>) -
https://api.sfucsss.org/login?next=<current-page>?ticket=...- the backend is given the token -
https://sfucsss.org/<current-page>- the current session.id is stored as a cookie & sent back & forth.
Sessions are 12 hours in length.