For now I have included following check on the main.hbs (layout included
for all pages) . If the token is missing then it will redirect to login
page.
For others information,
We had a off-thread chat, and Rajith will try something like below and see
if that works
if(!(document.cookie...)){
window.location.href = ... + "/login";
}
On Mon, Feb 6, 2017 at 1:25 PM, Manuranga Perera wrote:
> Hmm ok.
> But will it (eg: sso)
Hmm ok.
But will it (eg: sso) create both a UUF cookie and a cookie for ms4j? or it
is the same cookie? I don't think I understand it well.
On Mon, Feb 6, 2017 at 1:13 PM, Nuwan Dias wrote:
> Yes, we can prompt the login from JS itself. But the login flow is not
> always that
Yes, we can prompt the login from JS itself. But the login flow is not
always that simple. Ex: In a case where SSO is enabled, the app (JS) need
to do a bunch of things to initiate the SSO flow such as checking if its
IDP initiated SSO, redirect to IS. If its SP initiated SSO, generate SAML
>
> micro service layer and prompt login from there.
>
Well, I am suggesting the do the prompt in the frontend JS. This is how
frontend only applications usually work.
We are not trying to protect UI templates through cookies.
Then you don't need UUF cookie, it's there *to protect UIs*. Do a API
Hi Manu,
Yes we can say that this is almost 90% a front end app. But in order to
provide access token and to prompt login when access token is missing we
use back end functionalities of UUF.
We are not trying to protect UI templates through cookies. What we are
trying to do is provide access
I assume you guys have a /auth API, this can set a cookie [1] just has
easily as UUF. And all your other APIs can read the cookie.
[1]
http://stackoverflow.com/questions/3340797/can-an-ajax-response-set-a-cookie
On Mon, Feb 6, 2017 at 12:06 PM, Manuranga Perera wrote:
> So you
So you guys don't want to use UUF for its backend rending, just as a static
server and want to do a frontend app, that's cool. But then properly write
a frontend app. Seems like you guys don't know how to write a SPA and
running back to bankend app logic.
If your UUF UI don't have any data (just
Hi all,
We are trying to implement password grant type based authentication for
publisher and store apps in APIM.
Initially consumer key and secret for publisher and store apps will be
created from external key manager(IS) through DCR (Dynamic client
registration)
Any user accessing the publisher
@Rajith
Is that true, are you doing auth in frontend (btw what app is this?)
Then why do you need cookies? You just have to send auth header [1] ?
[1]
https://docs.google.com/drawings/d/1wtiF_UK2e4sZVorvfBUZh2UCaZq9sTCGoaDojSdwp7I/edit
--
With regards,
*Manu*ranga Perera.
phone : 071 7 70 20
@Manu, In Rajitha's case he cannot use the {{secured}} helper. {{secured}}
helper depends on the UUF session which is created upon invoking
createSession(user) server-side JS function. In Rajitha's senario, he
cannot call the createSession function as he/they are doing the
authentication in
See, even I don't knew it
On Mon, Feb 6, 2017 at 10:02 AM, Chandana Napagoda
wrote:
> HI Manu,
>
> I think correct helper is {{secured}}
>
> Regards,
> Chandana
>
> On Mon, Feb 6, 2017 at 3:22 PM, Manuranga Perera wrote:
>
>> @Rajith
>>
>> You can use
HI Manu,
I think correct helper is {{secured}}
Regards,
Chandana
On Mon, Feb 6, 2017 at 3:22 PM, Manuranga Perera wrote:
> @Rajith
>
> You can use {{secure}} tag at the top of the page to indicate that it's a
> login required page.
>
> Unfortunately this is not documented yet,
@Rajith
You can use {{secure}} tag at the top of the page to indicate that it's a
login required page.
Unfortunately this is not documented yet, AFAIK.
@UUF team
Agree with Sajith, this need to be addressed by UUF auth
But,
1.
We already have a {{secure}} helper but nobody seems to
Rajitha's query is not about sharing common JS logic, rather he wants a
custom authenticator to UUF.
IMO, "pluggable custom authenticators" is a missing feature in UUF. IS guys
needs need the same thing and they have proposed to use MSF4J interceptors
[1]. We need to come-up with a better
Hi Shan,
Thanks for your prompt response. This works fine. But my actual requirement
is not calling the method in module inside from each and every js file
(pages/index.js or pages/create.js and etc). A person who writing a new
page will have to call this method in the module in his JS file. If
Hi Rajith,
We can use modules for reusable js codes. Please refer modules sample in
the Features app[1]. So in your case, I think we can add the *onGet*
function to a module since it is reusable and include that module in all
the js files where you want to perform this check.
[1]
Hi Devs,
I have written a logic to check for a cookie[1] when /publisher context is
requested. It will hit the OnGet method of index.js of publisher app.
But I need to perform this logic for all requests like /publisher/apis,
/publisher/create and etc. I can not copy the same logic to all js
18 matches
Mail list logo