I'm having trouble figuring out how to persist a session on an iOS Cordova app.
I'm using Node.js/Express on the backend and Angular on the front-end. My onboarding processes work properly and everything is dandy until the user closes the application. When it is reopened, the user has been logged out.
I understand WHY this is happening, but I'm having trouble figuring out how to prevent it. Can I use local storage to store and retrieve a cookie? If so, what's the preferred method?
I believe you could use whatever value you want in LocalStorage, as long as you don't get messy with multiple users using the app.. Just check for that value when the app starts and do the magic for user already logged in.
If you want to add more security, perhaps you can save a token in LocalStorage, when the app starts, retrieve that token and compare it against your backend, to check if it's active or not, after that, more coding magic :)
The second option will make the user's workflow a lil bit more slower due to the app request and the server response.
What data should you save? That's up to you, depending on your app, what it needs to 'boot'. If you use a token, you can send the needed data in the server's response.
There should be always something that identifies that user on the server, and not only his username or id, I believe you use something to tell the server that THIS USER is logged in while the app interacts with the server.
Some data about LocalStorage: https://cordova.apache.org/docs/en/4.0.0/cordova_storage_storage.md.html
PS: If you are already using AngularJS, you should check Ionic Framework and ngCordova.
Good luck!
Related
I have one app on abc.website.com that authenticates users using devise with Ruby on Rails. I have to setup a react app on def.website.com that only works if the user is logged in on abc.website.com (abc uses devise)
We have to add a link in the navbar of abc.website.com that redirects to def.website.com.
Any suggestions on what the best way to do this is?
I'm a total ruby noob but good with javascript.
thanks a lot
appreciate the help
Here is one of a solution : Token Based Authentication.
JWT also is a fine idea.
The rails app can also store a cookie (for example use the rails session cookie) in the clients cookie store. This gets sent to the rails app on every request by the react app and you can verify the identity of the user by reading this cookie.
There are very few adjustments needed for this approach (and they would also be required for JWT - which I don't want to badmouth, it is also a viable and good approach).
An upshot of this is that almost no data needs to be stored at the client. Only an ID that makes it easy for the rails backend to identify the user and achieve all needed informations.
On the other side, if you want to store all the data at client side this is also possible.
I would say there is no clear advantage of rails session over JWT or vice versa. But generally this is how it should be implemented: By giving the client the necessary information which then gets passed over to the backend again.
Am trying to make an app that runs both online and offline but i want my user to be authenticated or to be logged in once. So after the initial login i want them not to be able to see the login form again, i want to show them a new part of the app. They should be only to see the login form only when they decide to logout. My problem is that it would have been easier for me to do this if they are always online but they might be offline too so i just need them to login once and next time they boot up the app they wont see the login form again rather they would see something else.
There is no authentication offline. Authentication is made so that the server-side makes sure it is used by a given identity because you can never trust the client-side. If there is no server-side, there is no authentication process.
If you just want to let the user use your application, even though he is online, why don't you store a local copy of the user profile within the local storage after a successful authentication? (with only non critical data of course).
This way, your application can rely on its memory to fetch the user profile and not the server while it is offline.
You could save an kind of "userIsAuthenticated"-Flag to local storage (see https://facebook.github.io/react-native/docs/asyncstorage.html).
Based on this flag you could decide which screen the user see on startup.
But be aware, it could drive your Users crazy, if they have allways to relogin, if the network-connection (maybe cause of bad 3g/4g) was Interrupted.
You also give a notice if a user is offline, that they have to be online to use this app.
BTW: To request if a user has Network-Connection you can use: http://facebook.github.io/react-native/releases/0.48/docs/netinfo.html#netinfo.
Don't forget to set permissions in AndroidManifest.xml to be allowed to use the request.
I'm trying to make a basic social networking application following Write Modern Web Apps with the MEAN Stack book.
The end result should be: https://mean-sample.herokuapp.com/
I got through to getting user accounts set up, having a user log in and create a personalized post. But as soon as I refresh, the user gets logged out.
What am I doing wrong? And how do I fix this?
In the client side we cant maintain the session, we need the server support to it. There are many ways to maintain the session
1 Token based, for each request to the server, the server will check whether token exists or not.
2 We can store in the localstorage while refresh the rootscope will be, at that time we can take from local store and populate the page objects.
Maintaining in server side is secured and advisable.
use localstorage, it will help you in maintaining the session and also store user details temporarily.
Refer this for more details
https://github.com/grevory/angular-local-storage
Well I am trying to build a web app with angularjs. In my webApp there is a login page aside with register page. My main problem is how to implements a login page and maintenance session with the specific user, the warning dots that came up with this scenario is when the user going to log in my web app, I will probably send a post to the server and then will get a successful result if the user and password are okay. now during the whole application the user may use his own properties like: money, friends, age, etc... now in this situation I would like to use a session that contains all of the "data" of this specific user, but when I use angularjs, because the whole thing is on the side client, I dont think its a good idea to save the password and critical information about the user in the client side, but still i need any verify information for this user, to know that he is who is he.
I don't know how to implements this scenario good when i use angularjs, with php it may be more convenient, because there is session, which stays in the server side, and I have to worry a little bit lower than using angularjs. Can someone clear this situation?
You don't want to save classified data on the client. This data has to come from the server.
This means that the angular controller that supposed to show this data must retrieve is from the server.
You should have a service that will use $http to get this data from the server using Ajax.
In order to retrieve the data for a specific user your client should send a token to the server that uniquely identifies the user.
This token will be sent to the client as a result of a successful login.
The client will keep the token in a cookie or in the local storage and add it to every http request.
I'm using the Javascript SDK to access the SoundCloud API and I can't figure out how to maintain the connection using the javascript API.. every time I refresh, it makes you re-connect again, which is crummy for UX.
How can get the access_token so that I can store, and then subsequently, how do I re-send that token to authorize so the user doesn't need to reconnect each time they visit the page.
There's a ton of docs about how to do it with PHP, etc...but nothing in Javascript SDK about access tokens.
I am pretty sure that the SC.isConnected() function was working, but now it just loads the connect button each time.
Everything is working correctly, I just don't want the user to have to reconnect each time.
You can use SC.accessToken() to access it. We are planning to provide some sort of session persistence and a better backend integration in the next 2 months.