I am using Laravel as a Backend and Angularjs as a Frontend.
I am Using this full package https://github.com/andbet39/tokenAuth for my Local setup AWT authendication it working fine,
How to do admin authendication and redirect to admin page?
How to do in Admin Panel
You have choices to make here.
There are several packages out there that can provide a full fledged admin panel for you (e.g. TCG/Voyager).
Or you could build one yourself with Laravel/Angular, this way you can customize the way you want.
The question I'm sensing here (you didn't state one clear enough) is:
How do I redirect to my admin panel?
The anwser to that comes down to this.
You need to have a route protected by auth middleware
# L5
Route::middleware(['auth'])->get('/admin', 'AdminController#index)->name('admin.index');
And put the redirect in your controller
public function login(Request $request)
{
(..)
return redirect(route('admin.index'));
}
After a successful login, the user get's redirected to the admin page.
Since this is a very basic example you should add more validation based on if the user is allowed to even view the admin page. But that is for a later stage :)
Related
I'm migrating from Identity Server 3 and I have a question regarding controlling what page is redirected when we need to redirect from the authorize endpoint into the account controller.
The current solution using the PreAuthenticateAsync method on the UserService to look for a custom acr_value key/value in combination with prompt=login on the authorize request.
An example use case is allowing a deep link into the Register page, or into the Manage profile page if the user is logged in.
I cannot find a simple hook for controlling where we go after IDSrvr4 detects a login redirect.
I have found the IAuthorizeInteractionResponseGenerator interface and was wondering if a custom implementation ( or override the default behaviour of one of the ProcessXXXAsync methods from IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator ) is appropriate, but this feels like a sledgehammer approach.
The QuickStart scenario #6 from the IdSrv github repo is a close example of what I want to accomplish if you tried redirect to Register, or the Manage controller if logged in
Thanks in advance
You can configure the page you want to go to for unauthenticated users like this:
services.AddIdentityServer(options => options.UserInteraction.LoginUrl = "/account/login");
For sending authenticated users back to that page you need to to implement IAuthorizeInteractionResponseGenerator - or rather derive from the default one.
Is there a way to open external URL in new window and keep an watch over URL change in newly open window and take actions accordingly. And i want to get cookies values also from newly open window.Basically I'm developing website in angularjs. To signup or login i'm using social media. For example on clicking facebook button(using passportjs for social login ) it should redirect user to facebook login screen and once login is successful user will be redirected to a page where i'll be sending access and refresh token in cookies from my server once redirect is done. So i want to keep watch over URL and redirect user to profile page once redirecting is done and want to fetch value from cookies.
new window -> no rootScope or any other scope.
You don't have the same "runtine environment" cross windows
You can't control a new window with the one that open it.
You have to "boot" another angualr and passing parameters, if needed in another way.
UPDATE
normally with 3th party authentication you can choose the page that you want to land.
For angularjs I found the lib satellizer that is pretty good and give you support for all the principal identity provider(facebook, twitter, guthub ecc).
Take a look and tell me if is what are you searching
According to this link: http://www.django-rest-framework.org/tutorial/4-authentication-and-permissions/#adding-login-to-the-browsable-api
I need to add the following code to my URLs.py:
url(r'^api-auth/', include('rest_framework.urls',
namespace='rest_framework')),
When I added this, users can log in by going to the "api-auth" URL and using the default DjangoRestFramework login interface. After a successful login, users are directed to "/test" because I have the following code in my settings.py:
LOGIN_REDIRECT_URL = '/test'
I wanted a way for users to be able to log-in using my own custom interface but by using DjangoRestFramework's built-in code for logging users in, so I created my own template. The login form in the template sends a post request to
api-auth/login/
and sends the user object (which consists of a username and password in JS) along with the POST request. No errors are returned, so I'm assuming the login is successful. However, it does not redirect to any URL (I was expecting it to redirect to "/test").
Any idea why it does not redirect anywhere, and how I can make it redirect to "/test"?
Edit: I am also using AngularJS on the frontend.
LOGIN_REDIRECT_URL is basically from django.contrib.auth so I wouldn't except other auth backends to use it, at least not necessarily/automatically
Also if you're logging through REST say from an AngularJS, even if after the REST API login is successful and returns a redirect response, there is no guarantee that the AngularJS app will navigate to that page because the login REST API was hit using an XHR request (from $http or $resource etc)
I'm using a slightly different REST auth lib than you, called django-rest-auth (not the BrowsableAPI that comes with DRF), I'm authenticating from AngularJS, and after the call is done with success, I simply navigate the app to a new URL
djangoAuth.login(username, password).then(function(){
// make angularJS navigate to new page when login is successful
// $location.path(...) or some other way
});
Bottom line is, since you have an auth API, you can make a small AngularJS page, with login form, then when login is successful redirect with AngularJS
Worth a look
I'm using these two libs that are meant to be used together, they offer REST auth over DRF, and optional a AngularJS lib to help with the frontend
https://github.com/Tivix/django-rest-auth
https://github.com/Tivix/angular-django-registration-auth
In my websphere portal 8 I need to redirect user to custom page after session timeout.
As was described in all tutorials I set
redirect.logout = true
redirect.logout.url = /wps/portal/uec/uechidden/sessiontimeout
in WP_ConfigService but that had no effect.
I have check all access permissions to redirect page and portlet and other.
Also I have Logout filter in my app, but even when I removed it I've been redirected to "Your portal session has timed out because of no activity. Please start a new session at your portal Home."
My timeout settings are set for server not for one application.
Any suggestions?
To redirect to the login page (or any other page) when the session expires, use one of the following methods:
Option 1.
Extend the authentication filter chain and implement the desired logic in code. Refer to the following articles for more information: "Configuring authentication filters" and " New security APIs in WebSphere Portal".
Option 2:
Modify the ErrorSessionTimeOut jsp to add Java script to redirect to the login page when the session times out. This option is simpler to implement but you may see a momentary "flash" when the redirect occurs.
More information: http://www-01.ibm.com/support/docview.wss?uid=swg21419230
To redirect the user to custom page after session times out, you need to perform following steps.
Define ImplicitLogoutFilter by implementing com.ibm.portal.auth.ImplicitLogoutFilter.
While defining ImplicitLogoutFilter, set the the redirect url in filterChainContext using method:
filterChainContext.setRedirectURL("URL of custom page where user should be redirected to");
Configure this filter in web sphere.
In WP_ConfigService, create a new custom property redirect.logout=true
Restart the server.
Follow these steps, it works when session times out and user try to view authenticated page. In case any issue is faced, please let me know. I'll help you in resolving this issue..
I am using Cakephp 2.0 and Auth Component. My website consists of 2 user roles as follows
1. Admin
2. User
At a Time in a Browser either Admin or User can login to the website using Auth Component. it's not possible to handle Both User roles can log into the website at the same time in same browser. Is there any way to do it CAKEPHP. Now My client wants to login as Admin and User in same browser. But in Joomla and other frameworks has this feature. extremely sorry for this basic question
Depends on how your roles are defined and how your admin section is built. If you done it with proper prefix routing (/admin/:controller/:action/) then it is easy.
In you AppController::isAuthorized() just add a check like
if ($this->Auth->user('is_admin') == 1 && $this->request->params['prefix'] == 'admin') {
return true;
}
If you have an array of rules use in_array() to check for the allowed roles.
For more details read this link.