I think that for security reasons the headers aren't readily accessible. If they were you can imagine the hacks the malcontents would be making using them.
The idea of using a light weight ajax call is perfect for this. The call back on the client would only need to receive a boolean yes/no wrapped in a json object to resolve the question. That's rather a secure mechanism in my opinion. On the server, a user object could be stored in session state to indicate he/she is logged in. So the processing on the server is minimal. In fact, I use this same technique in all my applications including those for other platforms. Other than those that are forced upon me - such as session id - I avoid using cookies. Just my $0.02. 2010/7/30 Jaroslav Záruba <[email protected]> > ...which leads me again to wishing for http-headers being accessible in JS. > :( > > 2010/7/30 Jaroslav Záruba <[email protected]> > > On Fri, Jul 30, 2010 at 8:44 PM, Ikai L (Google) <[email protected]>wrote: >> >>> The "correct" way is to make a request back to your application in >>> Javascript. You can do cookie hacks, but these have a tendency to be brittle >>> and hard to manage. >>> >> >> My understanding is that the original poster wants to have that >> information at hand *without* any further trips to server, and (most >> importantly) only as kind of hint. Obviously I don't use that cookie as >> authorization or password. :) >> >> >>> On Fri, Jul 30, 2010 at 11:18 AM, Jaroslav Záruba < >>> [email protected]> wrote: >>> >>>> I'm keeping a cookie for that. >>>> >>>> >>>> On Fri, Jul 30, 2010 at 8:13 PM, Saqib Ali <[email protected]>wrote: >>>> >>>>> How do I check if the user is currently logged in using their Google >>>>> Account in Javascript? I can set some hidden field to do that, but is >>>>> there a more elegant way to do this? >>>>> >>>>> saqib >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Google App Engine" group. >>>>> To post to this group, send email to [email protected] >>>>> . >>>>> To unsubscribe from this group, send email to >>>>> [email protected]<google-appengine%[email protected]> >>>>> . >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/google-appengine?hl=en. >>>>> >>>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Google App Engine" group. >>>> To post to this group, send email to [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]<google-appengine%[email protected]> >>>> . >>>> For more options, visit this group at >>>> http://groups.google.com/group/google-appengine?hl=en. >>>> >>> >>> >>> >>> -- >>> Ikai Lan >>> Developer Programs Engineer, Google App Engine >>> Blog: http://googleappengine.blogspot.com >>> Twitter: http://twitter.com/app_engine >>> Reddit: http://www.reddit.com/r/appengine >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Google App Engine" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]<google-appengine%[email protected]> >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/google-appengine?hl=en. >>> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<google-appengine%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > -- -- Jeff -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
