
Passing authentication token in header while redirecting to a new SPA page


Assume these:

       A -----------------------> B
(Sender website)          (Angular website)

We implemented a normal Angular SPA (B) whose index.html and other resources are simply hosted in IIS, and there is a simple rewrite rule for handling the routes in Angular. Users in Angular need to log in; they get a JWT token, which is stored in browser storage.

There is a website (A) that wants to redirect users to the Angular website, but we want to pass the JWT token from A to B too, because the tokens are the same and we want to prevent the user from having to log in again.

Website A can send the token in a POST request header while it is redirecting to B. The problem is that JS (Angular) can't directly get the header parameters because they are sent to IIS.

The question:

  1. Is there a way in IIS to get the token from the request and set it in an HTML attribute while retrieving the index.html? Then JS can check its HTML elements and will find the token.

  2. Is the above technique correct? If not, could you please give your suggestion?


Solution

  • We couldn't achieve this with IIS alone. In the end we wrote a simple Node.js application as a backend that loads the Angular files when you call it.

    Site A passes the token to site B (which is hosting the Node.js backend) in the header through a POST request. Then the Node application returns the token in the cookies. So when the Angular application loads up, it reads the token from the cookies.

    Finally, we put the Node application into IIS.

    Hope it helps other people.
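
A sketch of the hand-off the answer describes, as an added example rather than the poster's code: a Node.js handler takes the token from the POST header, returns it as a short-lived cookie, and the Angular side reads it back. The `Authorization: Bearer` scheme, the `access_token` cookie name, the 60-second lifetime and the `HANDOFF_PORT` variable are assumptions, and serving the Angular build at `/` is assumed to be handled as before.

```javascript
// Added example. Header scheme, cookie name, lifetime and port variable are assumptions.
const COOKIE_NAME = 'access_token'; // assumed name the Angular app looks for
const MAX_AGE_SECONDS = 60;         // only has to survive the hand-off
const JWT_SHAPE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/;

// Token from "Authorization: Bearer <jwt>", or null when absent or not JWT-shaped.
// The shape check keeps ';', spaces and other cookie metacharacters out of Set-Cookie.
function extractBearer(headers) {
  const m = /^Bearer (\S+)$/.exec(headers['authorization'] || '');
  return m && JWT_SHAPE.test(m[1]) ? m[1] : null;
}

// No HttpOnly: the answer has the Angular code read the cookie from script.
// Secure keeps it off plain HTTP; SameSite=Strict because only script on B uses it.
function buildTokenCookie(token) {
  return `${COOKIE_NAME}=${token}; Path=/; Max-Age=${MAX_AGE_SECONDS}; Secure; SameSite=Strict`;
}

// Node http handler for the POST that site A sends to site B.
function handleHandoff(req, res) {
  if (req.method !== 'POST') {
    res.writeHead(405, { Allow: 'POST' });
    return res.end();
  }
  const token = extractBearer(req.headers);
  if (!token) {
    res.writeHead(400, { 'Content-Type': 'text/plain' });
    return res.end('missing or malformed bearer token');
  }
  // 303 makes the browser follow up with a GET, so a reload does not replay the POST.
  res.writeHead(303, {
    'Set-Cookie': buildTokenCookie(token),
    'Cache-Control': 'no-store',
    Location: '/',
  });
  return res.end();
}

// Browser side: pass document.cookie; returns the token or null.
function takeTokenFromCookie(cookieString) {
  const prefix = COOKIE_NAME + '=';
  const hit = cookieString.split('; ').find((c) => c.startsWith(prefix));
  return hit ? hit.slice(prefix.length) : null;
}

// Starts a listener only when HANDOFF_PORT is set (variable name is an assumption).
if (typeof require === 'function' && process.env.HANDOFF_PORT) {
  require('http').createServer(handleHandoff).listen(Number(process.env.HANDOFF_PORT));
}
```

Because the cookie has to be readable from script it cannot be `HttpOnly`, so once `takeTokenFromCookie(document.cookie)` has returned the token the Angular side can move it to its usual storage and expire the cookie.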