Hi Manu, Yes we can say that this is almost 90% a front end app. But in order to provide access token and to prompt login when access token is missing we use back end functionalities of UUF. We are not trying to protect UI templates through cookies. What we are trying to do is provide access token via the uuf app. We are trying to do the login prompt using the uuf app. So if token is missing micro service layer will not be invoked and login will be prompted through the uuf app. AFAIU what you are suggesting is to move this logic to micro service layer and prompt login from there.
On Mon, Feb 6, 2017 at 5:44 PM, Manuranga Perera <[email protected]> wrote: > I assume you guys have a /auth API, this can set a cookie [1] just has > easily as UUF. And all your other APIs can read the cookie. > Yes we have /token api as a micro service bind to the uuf app which sets the cookie. > > > [1] http://stackoverflow.com/questions/3340797/can-an-ajax- > response-set-a-cookie > > On Mon, Feb 6, 2017 at 12:06 PM, Manuranga Perera <[email protected]> wrote: > >> So you guys don't want to use UUF for its backend rending, just as a >> static server and want to do a frontend app, that's cool. But then properly >> write a frontend app. Seems like you guys don't know how to write a SPA and >> running back to bankend app logic. >> >> If your UUF UI don't have any data (just templates) then there why do you >> need to cookie protect them. You need a custom auth mechanism for your >> microservices where half of the value is picked from the cookies, this has >> nothing to do with protecting UI. >> > > > > -- > With regards, > *Manu*ranga Perera. > > phone : 071 7 70 20 50 > mail : [email protected] > -- Rajith Roshan Software Engineer, WSO2 Inc. Mobile: +94-72-642-8350 <%2B94-71-554-8430>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
