Score:0

How can I disable or handle session cookies in a decoupled setup?

kw flag

I'm a little confused about how one should handle Drupal session cookies in a decoupled setup. I have a frontend NodeJS server which communicates with the backend Drupal via REST APIs. For user login, I'm using the SimpleOAuth module with the authorization code grant. When the user presses login on the frontend. they're redirected to the Drupal authorization server where they login. Once they are logged in, the NodeJS server gets the access token, etc., and subsequent requests are made with this access token.

Now I noticed that when the user logs in to the authorization server, a session cookie gets created by Drupal. This makes sense, but I don't understand the use of the session cookies in my setup, since I either use the OAuth access token for all API request calls, or the API call isn't tied to the session of a user (aka anonymous user functions).

Can I disable user session cookies on Drupal's end? If I do this, I won't be able to login as admin, will I?

I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.