I want to make a server of SSO which will be used as central of 4 others app to login and logout, and this is the first time i make app like this.
Lets say i have A B and C app which will ask SSO for session available.
I develop SSO using Yii2, and now i have made a route open for the other 4 apps to connect.
But the problem is, it doesn't give me any data.
I have tried provide Yii::$app->user->identity-> and session, but it doesn't work..
Can you give me suggestion, or anything about this?
Related
I am currently building a Chrome extension that lets users auto-register for courses on a particular website once registration opens. The registration process is just a simple fetch POST request with an authentication header.
Now, this already works using the chrome.alarms API while the browser is open, but for obvious reasons I would want this to also work once the user closes the browser. Do you have any ideas how to do this? I really want to avoid to externally save user data..
If this is impossible, my idea would be to send the registration fetch to an external server (maybe even one hosted on a Raspberry Pi? Other ideas?) and then execute it once the registration opens.
Good day everyone. I am stumped at the moment and would appreciate some guidance. I feel like I am a great googler to usually find my answers or resources but for the life of me I can't seem to find any good learning material on JSON requests and responses.
So I took a course that builds a 3 part app. Web app with Django, and 2 mobile apps that make API calls to it. The instructor uses Facebook authentication from the mobile apps and I am trying to set up the apps for username and login and a registration page as well.
I have django models setup and and can make users from the web app but I can't seem to wrap my head around how to make JSON calls from app to Django. When I search for possible terms like authenticate django I get results that talk about only django usage.
Does anyone have some tips or links to resources that would help me understand the login process better. I realize that almost every app has a login which is why I'm surprised that I can't find any good learning material on how its done. Or I'm just searching for wrong keywords.
Any help would be great thanks.
It's really a general question, But i give you a brief on how mobile and django server should interact with each other:
First of all, in your situation I really suggest to use django rest framework, Because of it's rich modules and functionallity like serializers, routers and ...
read more about it from origin documentation here.
For authentication system, You should use a token based system (or session). I suggest use one of django suggested token based solutions for that. In my case i really suggest to use django-restframework-jwt library
(JSON Web Token Authentication support for Django REST Framework).
so whenever you want to send a request to mobile you should provide that token (based on token authentication backend you choose) in your headers of request.
And for login and register you should create APIViews that takes user input, then register or authenticated it with backend and then gives user the generated token for future requests.
And for social auth system like facebook, the main concept is to redirect user from app to facebook oauth links, which if the user authenticate in his facebook will redirect you redirect url of your backend server, then you should capture that request in callback, fetch data and create or get the user and generate the token for that user and return it. so that for furture requests, by sending token to server, server will know that which user is sending this request and handle response properly for that.
And if you want to create a login with mobile, then you need to setup APIs for login, register with django rest which is really easy and you can learn from it here.
I am deeply into learning about App Script but there is so much the Google has to offer I'm a bit overwhelmed at figuring out what I need.
I'm designing an online volunteer application work-flow and eventually other things for a non-profit organization.
Here is how I envision the process flow going.
New user comes up first Web App page asks for first last middle and email address
First Last Middle are used together in some way to create a domain log on for the user using the provisioning API (already figured this part out) while prompting the user to create a password
At this point the user is passed to the actual application web app that runs only for domain users so that the relaxed rules of app script for user behind a domain can be leveraged and also so the entire ebb and flow of information stay behind our domain.
Now where I am unclear on is the jump from step 2 to step 3.
What would be the best and most painless (for the user not me) way to put together the transition from running the entry point app that creates the new users domain account as essentially an anonymous user identity to running the domain level app AS their new domain user identity.
I've been studying OAUTH but it seems that is more for external integration with things like drive and youtube etc. My goal with this project is to have everything (aside from things like client side validation and jQuery) running from Google's Cloud.
In #2 i asusume you have a pool of unused gapps accounts.
In #3 you need to get the user logged in in gapps first . For that you need to show a special login url that will redirect to fhe other app. Another is to do a manual oauth flow and use the redirect url to get to fhe new app.
Hi I have an HTML5 app which has a User Login. The app has a Notes option. I am looking for a service which would help me to sync the notes for that user account. So the same user can login in a different device and see the Notes in their device. I cannot use iCloud as Android doesnt support it.
We tried to store the notes in the user db using jsonp but still had some issues.
Someone mentioned about Pusher.com but looks like the service is expensive for a starter like us. Is there any more reliable and cheap options for us? W
Parse is probably more in line with what you are looking for. Pusher provides a service for sending push notifications, but you mentioned the need to store data in the cloud. Parse can accomplish this and does have a free basic plan that you can get started with.
I am trying to figure out how to sync authlogic persistence tokens across servers.
I have 4 servers, and I have many apps on all 4, the authentication is working across all the apps on one server. I can even get them to work on different servers if I copy the persistence token from one to the other 3.
The only issue I can think of is users may login to one server and not the other, but I still want them to be able to be synced in case they do go to that other server. For example:
Joe logs into server 1
Joe also logs into server 2
Jane only logs into server 1
Fred only logs into server 2
I would need a 2 way sync from each of the servers. I don't care which persistence token they get as long as they are all the same.
This also uses LDAP for authentication in case that matters.
I am open to pretty much any suggestion, including something non-rails related.
Edit
To update this, I cannot remove LDAP authentication. I really have no desire to replace authlogic. I was thinking of something like a rake task or shell script to handle the syncing.
I am perfectly fine coming up with my own idea, just want to see if someone knows the best way.
Thank you all for any help.
You might really be looking for a central authentication service (CAS) -- something that will enable Single Sign On (SSO).
This enables you to log on to different services. It will work something like
User requests http://server1
server1 checks if the user is authenticated against the local store. If not:
server1 redirects user to something like http://casserver?return=server1
casserver actually gets the username/password or credentials, authenticates them, and:
casserver redirects to http://server1
Then:
User requests http://server2
server2 redirects user to http://casserver?return=server2
casserver redirects user to http://server2 with the authtoken
That way the user does not enter credentials more than once.
OAuth works like this (over-simplified)
People have used the java based CAS . Some posts:
http://weblog.plexobject.com/?p=1682
http://thinkrelevance.com/blog/2007/01/08/cas-sso-and-rails.html