Authorization & Security

If, after configuring the two endpoints, you need to allow Asyncher to communicate with credentials/token to the server, doing so is very simple.

Asyncher does not need any configuration and does not care about the type of authorization you have developed on your backend. The client will directly send to it the credentials. Look at this example:

void callAsyncherExample(url, data, token) async {
  // Fetch all data
  List<ExampleData> allData = getAllData();
  
  // Send http request to Asyncher with the data encoded in json
  final response = await http.post(
    url,
    headers: {
      'Authorization': 'Bearer ${token}',
      'Content-Type': 'application/json'
    },
    body: jsonEncode(data)
  );
  
  // Update database with synchronized data
  deleteAllData();
  insertAllData(response.body);
}

This is a usual call to Asyncher with the difference that the Authorization field has been added to the header. Asyncher looks to see if there is an Authorization field in the header of the request made by the client and then uses it to make requests to pull_url and push_url.

If you have developed a security that does not use the Authorization field in the header, please don't hesitate to let me know.

Last updated 9 months ago