Forms Authentication
I am trying to integrate an authentication mechanism on the crawler. As a result of my research, I decided that the most optimized solution is to have the user fill out a login form and use it to authenticate. But I don't know exactly how to do this. Can anyone help who has developed a login mechanism like the image I shared before or knows how it was developed?
Related
I'm creating my own social network and I've made an authentification server in JavaScript, with Json Web Tokens. Now, I want to integrate the Snapchat Login Kitto my app but it gives a token and it makes what I have made.
So that is my question : how can I use the Snapchat Login Kit to create a real account with my API and to allow the user to login with this?
Thanks
I would recommend server tools like firebase, Parse, Back4app, and many others that have the ability to create a user with multiple platforms with like Google, Facebook and many others. Personally, it might be best if you don't use snapchat because of the fact that a lot of people don't have snapchat and their credentials are hard to remember when you are not having to log into the app for a long time so the user might be asked to put in their password that they do not remember.
I have created a nodejs Web API for my backend, and my client application is written in Angular 5, as part of the requirements they want me to create a login page inside this app asking for email and password, I've been looking for an example where they try to do the same thing I am doing but I've been unlucky. I tried angular-oauth2-oidc library for doing this but I received a CORS error. Could someone provide a guide for doing this?
I've seen that moodle web app did this but is in PHP how I could implement this?
I am new to AngularJS and gone through their tutorial and got a feel for it
I have a backend for my project ready where each of the REST endpoints needs to be authenticated.it will give 401 response when the user is not authenticated for every request.
And due to this a default login pop of browser is opening.And i want to open login.html instead of that default browser pop-up.
Is there any way to do this. I saw here and here but did not understand how to use them.
so be kind to explain it.
thanks
Can you elaborate a little more about your problem. As which kind of browser popup came. Does this come from server side? or you implement the popup at frontend other than login.html?
I don't understand whether you've already implemented the login solution. If you've not, you should take a look at this amazing James Ward article: Securing Single Page Apps and REST Services . That authentication pattern is implemented at $http.
Working on a project where i need to implement single-user login, or letting them use the same login on their main website, as well as on another site. Right now they are using a SOAP web service. I have used my googlefu to try and work this out, but I need some help.
https://www.kappaalphatheta.org/gateway2/production/com/theta/authentication/AuthenticationGateway.cfc?wsdl
Just above this is a link to their service. I am using a .net authentication service on our website. With no experience in SOAP or authentication, how can I set up my site to authenticate a user from their service, and also pull other information like address and email address?
I have looked at their site, and they are using javascript and not PHP, whereas on google most people use PHP. I would prefer to keep using JS or jquery.
Thanks for looking, and help is appreciated.
I'm developing a new web site that will be a single paged app with some dialog/modal windows. I want to use backbone for frontend. This will call backend using ajax/websockets
and render the resulting json using templates.
As a backend I'll use nodejs express app, that will return the json needed for client, it'll be some kind of api. This will not use server side views.
Client will use facebook, twitter, etc. for authentication and maybe custom registration form.
Client static resources, such as css, js, and html files will be handled by nginx (CDN later).
Questions that I have now:
How can I determine that a given user has the right to do some action in api(i.e. delete a building, create new building)? This is authorization question, I thought of giving user a role when they login and based on it determine their rights. Will this work?
Similar to the above question, will this role based security be enough to secure the api? Or I need to add something like tokens or request signing?
Is this architecture acceptable or I'm over engineering and complicating it?
Passport is an option for the authentication piece of the puzzle. I'm the developer, so feel free to ask me any questions if you use it.
I thought of giving user a role when they login and based on it determine their rights. Will this work?
Yes this will work. You can check for a certain role on the user after it's been fetched from the server. You can then display different UI elements depending on this role.
Will this role based security be enough to secure the api? Or I need to add something like tokens or request signing?
It wont be enough. Anyone could hop into the console and set something like user.admin = true. In your API you'll need to validate a user token from the request, making sure that the related user has the appropriate permissions.
Is this architecture acceptable or I'm over engineering and complicating it?
At the least you should have an API validation layer. That would make a decent enough start, and wouldn't be over-engineering.
For the authentication part of your question i would use everyauth which is an authentication middleware for connect/express. It supports almost every oauth-social-network-thingie.
For role management you could give node-roles a try. I didn't use it myself but it should help you out, because it checks the role on the server side. Of course that is only useful if your API is implemented in node.js. If that's not the case, you have to "proxy" the API calls over your node.js app.
I hope I could help you! :)