I'm making a chrome extension (with link submission feature) for my Django-powered site. I'm using django-tastypie to post links from JavaScript. However, I can't figure out how to access django sessions from JavaScript in order to determine the submitter of the link. Using console.log(document.cookie) doesn't sound like the possibility as document.cookie obviously accesses the cookie from the current page, not the cookie from my django-powered website. Any help would be appreciated.
There are two ways to do this as far as I can tell.
Implement oAuth on your Django app server side, and use a Javascript oAuth method to authenticate your users. This is probably alot of work for you if you don't already provide oAuth, so is probably a bad idea.
Use an iframe with a page from your site. Inject a content script into the iframe and pull data from it. You might have to set up a specific endpoint.
In your manifest using a match pattern:
{
...,
"content_scripts": [
{
"matches": ["http://yoursite.com/api/extension"],
"js": ["content_script.js"],
"all_frames": true
}
],
...
}
The endpoint, loaded into an iframe by another content script, might look something like this:
...
<div id="user_info">joe_user</div>
...
Then your script would pull the textContent of the #user_info div and send it to the background page for your use:
var elem = document.querySelector('#user_info');
chrome.extension.sendMessage({
text: elem.textContent
});
For more on messaging, see Google's Message Passing documentation.
I think that should work for you if all you need is user information. I wouldn't send any sensitive information like this though.