In my react native app, currently i'm using an AWS/Amplify withAuthenticator to make sure a user is signed up. The very first time a user signs up, i'd like to call a function once and once only, to create to store some user date elsewhere. Currently this code pulls up a standard AWS signup screen (i don't know where the code for it is hidden), where the user signs up:
export default withAuthenticator(App, { includeGreetings: true});
The first time this user is successfully created in AWS, how can i find out its complete and then also call my own function? This function never need be called again.
You should move that functionally into the aws lambads.
This link describes how you can achieve that easily with the aws cognito dashboard. This enables you not only to set some state within a store from that lambda function, but you can also send them a mail or notify you that a new user singed up.
The other way, described here, is to write your own components to handle sign up. This also enables you to do something on user confirmation. This is a lot more complicated but it depends on your use case.
Hope this helps. Happy coding.
Related
I am playing around with the nodejs packages googleapis and actions-on-google.
I am stuck reporting the state, which changed without googles note, so that google keeps in sync!
Sadly this does not work. I am using this method: homegraph.devices.reportStateAndNotification().
described here: https://developers.google.com/assistant/smarthome/reference/rest/v1/devices/reportStateAndNotification
The call is fine, I am getting a correct answer and everythign seems fine. Except that my google home app does not update the state.
I have another thirdparty-device which has a button to toggle the state, this works fine. So the app has no bug, it must be on my side..
I am wondering if this "feature" does only work in production and not during the test phase?
test suite says its fine too:
Google Home Assistant UI depends on various factors for the state, including query and report state responses. One should make sure that they are invoking the query correctly.
You should also try to verify that your report state implementation is correct by making use of tools provided by Google like Home Graph Viewer (make sure states are updated in the homegraph) and Test Suite (to see if both query and report state implementation pass).
I don't think the status shown by the Google Home app coming from what you have reported to HomeGraph by using the reportStateAndNotification. The QUERY intent must be invoked from Google Home app in order to see the current status of your device.
Ref
When Google Assistant wants to take an action that requires understanding the current state of a device, it can simply look up the state information in the Home Graph instead of issuing a QUERY intent
As an above statement, I think the status that you reported to HomeGraph is beneficial only for the Google Assistant not for your Google Home app.
We found it, see this issue-tracker too:
https://issuetracker.google.com/issues/238499831#comment16
Google Home App does ONLY use the home-graph for devices that are associated with your home "directly".
It is not enough to just have them in the bottom of your app in the section "other devices connected with your account" ..
You NEED to add them properly..
I have created a server-less React App with Firebase for Hosting, Database and User-Authentication.
Now let us assume I have three roles : student, teacher and (you guessed it) admin.
I am currently doing this to show components specific to roles :
/*
Get user data from the database which has a 'type' field with one of the above values,
then in a child render function :
*/
{this.props.userData.type === 'student' &&
//Show components for students
}
{this.props.userData.type === 'teacher' &&
//Show components for teacher
}
Now the way I see it, the user could open Chrome Dev Tools and use React Dev Tools to change the prop value to one of the others.
I came across using the 'Can' component by defining roles and permissions but that essentially does the same thing and the user can alter the prop passed to the 'Can' component to access content of another role.
Solutions I have considered :
Use obscure values for the 'type' field like random numbers or words instead of the obvious teacher/student.
Store list of uids under each role in database and check if current uid exists under the list and pass some prop hidden in some unsuspecting object or under a random name, something of that sort.
Create entirely different routes and set redirects so that the user doesn't have enough time to change the props or state since the component which redirects is no longer mounted.
Questions :
Is there a better way to structure my app so that I won't have to use state or props to identify user type?
Am I on the right path or is there something so obvious that I'm missing?
Edit :
I understand that there is nothing I can do to stop the user from editing the state or props of the components. Answers suggest that I should validate user type on the server to check if the user can perform an action. Is there a way I can achieve this on my current setup (see first line)? Or is it necessary to have a server.js?
The visitor will always be able to somehow "hack" your frontend application (eg. by changing the props in React Dev Tools or in any other way).
It is completely okay for web to work like this, as all your main logic should be located on the backend, where you can actually prevent some actions to happen.
A very similar question has been asked here How to prevent html/JavaScript code modification
Roles should not matter in the browser beyond aesthetic reasons (show/hide button etc). Your access-control should be done in the backed with functions and rules.
Any malicious user can edit HTML, or send an HTTP request to pretend that they have a role. However, on the backend you should check if the user-id actually has that role or not and reject running code you're not supposed to.
I want to create a marketplace app which displays a different user flow (UI UX) when a customer or seller logs in. How can i achieve this with React Native?
Is this classed as a multi tenant app?
As an absolute beginner, i would appreciate some advice and possibly links to documentation on how to set up the structure using Visual Studio Code. Thanks.
Create a different set of routes for both seller and customer via route authorization.
You can use state management such as mobx or redux,set seller or customer on launch,so every screen or component can request at any time if wether a seller or customer then render the right things
As someone mentioned, redux or different routes after authorization might be what you want. But it sounds like you may have bigger picture issues/questions. The front end could certainly be written in react native, but you need a back-end where the data will live and users will be authorized. If you don't want to write that yourself, you might consider Firebase, as its easy to use and free up to a certain usage level.
Firebase handles authorization easily; then when people are creating accounts, have them specify if they're sellers, etc, and save that to user profiles. When they log in, use the data in their user profile to direct them to different react navigation stacks or just different themes or whatever your needs are.
hook_user_insert (Drupal 7) is not called when adding a user via the admin backend. I need to hook into this action to create a blank user profile (profile2 module) for the user. I'm not sure if this is the intention or if it's a bug. It is called when a user registers via the frontend, but not when an admin user adds one via the backend.
If this is by design, is there an alternative hook I can use to accomplish this?
My bad. I didn't realise the hook was defined in my theme's template.php file. I moved it to a module and it works.
I want a link that when you click on it, it will call a simple ajax query which updates a database entry. Normally this would be easy, but because authentication needs to happen before the query is executed, I need to be able to execute the Ajax Query AS THE CURRENTLY LOGGED IN USER. I.e. I need access to the $user variable and I don't want to create a new connection.
Does Drupal have native functions that can do this? Is there something I can use to do this?
You're going to want to create a module to handle this. Then, whatever function you call through the callback will have complete awareness of the logged in user.
Keep in mind that if someone makes a link that goes to your AJAX destination on their website, and can trick people into clicking it (or, for that matter, makes that link the src on an img tag), then weird things can happen to people's data without them meaning to.
I suggest the use of a token and checking that the token submitted as part of the link matches something to do with the user. Check drupal_get_token() for a good way to generate one.
Either create a menu item in a module implementing hook_menu() and specify a callback to a function handling this request - or use the Services module and create a new service module.