Javascript sdk - Authentification login required on each page


#1

Hi there
i’m trying to build an web app based on dreamfactory and javascript sdk
based on Jquery app
i’m trying to integrate jquery app in a boostrap template devoops-master fond on dreamfactory github repository
so i’ve create many html file with jquery app
i call this page with the navigation menu on the left.
my problem is that on each page ths sdk ask my for login even if i’m already login (when file are on my server ubuntu 14)
i don’t have this issu when running localy (on imac) .
is there any way to check for session instead of asking for a login ?
any example would be more than welcome :smile:


How to Authenticate on a login page and be authenticated on application page
#2

If you’re getting prompted to login on every single action, you are likely not passing the session_id to the DSP. Your session should persist for as long as you’ve set the duration parameter at login. Check out this page from the documentation on passing the session token header. This is implemented in the JavaScript SDK by storing the received response.session_id as a new ApiKeyAuthorization header that gets passed along with subsequent calls:

...
            window.authorizations.add("X-DreamFactory-Session-Token", new ApiKeyAuthorization("X-Dreamfactory-Session-Token", response.session_id, 'header'));
        }, function(response){
...

To implement session verification, I recommend making the API calls as normal and trapping for a 401 error response. Then use the 401 as a trigger to login again. This is more efficient than checking for a session before every call. A global error handler for 401s should do the trick.


#3

Thanks
That i don"t understand is that
when code is run on my web serveur (bitnami LAMp) > login on eqch page
When code is run localay on my mac > no problem…

thanks


#4

If you are logged into the Admin Console in the same browser, the browser will keep passing the admin’s session token with requests, so that you are not prompted for login. I recommend you test using a different browser, a REST client, CURL, or with a separate machine/browser to be sure you’re authenticating and passing headers correctly.


#5

hi Jeffrey
still working with the same issue
based on jqery todo app

here is the code i pu on every page

// session

function checkSession() {

$("#loading").show();
// check for existing session, relevant when code is hosted on the dsp
window.df.apis.user.getSession({"body":{}}, function (response) {
    $("#loading").hide();
    // existing session found, assign session token
    // to be used for the session duration
    var session = new ApiKeyAuthorization("X-Dreamfactory-Session-Token",
        response.session_id, 'header');
    window.authorizations.add("X-DreamFactory-Session-Token", session);
    runApp();
}, function (response) {
    $("#loading").hide();
    // no valid session, try to log in
    doLogInDialog();
});

}

// my app code

// login dialog

function clearLogIn() {

var $_dlg = $('#loginDialog');
$('input', $_dlg).val('');

}

function doLogInDialog() {

var _message = 'Please enter your User Email and Password below to sign in.';
$('#loginErrorMessage').removeClass('alert-error').empty().html(_message);
clearLogIn();
$("#loginDialog").modal('show').on('shown', function() {
    $('#UserEmail').focus();
});

}

function logIn() {

var email = $('#UserEmail').val();
var pw = $('#Password').val();
if (!email || !pw) {
    $("#loginErrorMessage").addClass('alert-error').html('You must enter your email address and password to continue.');
    return;
}
var body = {
    "email":email,
    "password":pw
};
$("#loading").show();
window.df.apis.user.login({"body":body}, function (response) {
    // assign session token to be used for the session duration
    var session = new ApiKeyAuthorization("X-Dreamfactory-Session-Token",
        response.session_id, 'header');
    window.authorizations.add("X-DreamFactory-Session-Token", session);
    $("#loginDialog").modal('hide');
    $("#loading").hide();
    runApp();
}, function (response) {
    $("#loading").hide();
    $("#loginErrorMessage").addClass('alert-error').html(getErrorString(response));
});

}

Does i miss something? or does the app page should have something different?
thanks


#6

Is this your question now? Or are you still working on the problem of being prompted for login on every navigation?


#7

Hi Jeffrey
Still working on my issue
as i understand I need to use session token header :ok

just for your understanding i will have a Login page
and after, different page using sdk (with same DSP app)

so my question(s) is (as i’m quite new with dev)
ok i store response.session_id as new ApiKeyAuthorization, like the example in the SDL or JqueryTODO app.
when i jump to my 2nd page how can i use my response.session_id / ApiKeyAuthorization

thanks very much for helping,

Ps: my DSP is on a Bitnami VM

regards
julien


#8

When you jump to your second page, are the SDK functions still defined?

window.df window.authorizations


#9

Hi @jeebee, have you had a chance to check on this?

When you jump to your second page, are the SDK functions still defined?

window.df
window.authorizations


#10

hi Jeffrey
how can i check this ?
thanks


#11

Use your browser’s debug console. On the console tab, type the word “window”, and press Enter/Return to see what results appear. You’re looking for df and authorizations (lowercase).

If this is not the method you normally use for debugging your JavaScript, then use whatever tool or process you typically use for this task.


#12

hi Jeffrey
simply got istart3.html (who is my app page) when i type window


#13

Hi @jeebee, thanks for contacting DreamFactory support directly with this issue. For the benefit of the community, I’d like to note that the issue here is that the HTML5 app in question is being designed with multiple pages rather than HTML5 navigation elements, leading to all resources defined on the login HTML page being lost when navigating to a second HTML page.