Setting cookie from Response Header Set-Cookie

[hasanheroglu]

Me and @egekorkan encountered with a case where we need to send session information to interact with a Thing. Therefore we thought, the token can be sent as a cookie, when security scheme is defined as below. In case there are no problems with this kind of logic, I can implement it.

"securityDefinitions": {
    "bearer1": {
      "scheme": "bearer",
      "in": "cookie",
      "name": "session_name"
    }
  },
"security":` "bearer1",

[egekorkan]

Just some small clarifications:

• session_name is custom per application so that will appear in TD but will be different each time.
• We will use the credential storage with the same token config as usual:

servient.addCredentials({
    "urn:dev:wot:org:eclipse:thingweb:my-example-secure": {
        token: "1/mZ1edKKACtPAb7zGlwSzvs72PvhAbGmB8K1ZrGxpcNM"
    },
});

• The session can expire so this needs to be adjusted over time. This is a use case for needing a more flexible credential storage but we can get around it for now

[danielpeintner]

In case there are no problems with this kind of logic, I can implement it.

Did you already experiment/test it with node-wot?
I am curious to see what would need to change...

[egekorkan]

I am curious to see what would need to change

Only binding-http should be affected, I think