When a user is logging in, I am storing the values in cookies that I received from the backend. Now I want to set the cookies' expiration to 8 hours. How can I do that?
I have done like this but I am not sure if it is correct or not
var expireDate = new Date();
var time = expireDate.setDate(expireDate.getDate() + 1);
$cookieStore.put('userData', record.data.profileData,{'expires':time});
In Chrome developping tools (it's probably existing in others browsers) you can check what is the expiration date of your cookies.
You can access to this functionnalitie in the tab Application and on the left there is the label Cookies :
Be carefull with the use of $cookieStore because it's depreciated since v1.4.0
Related
I'm using Next js to create my project, and I have created a custom signup form in it. In here I'm getting email and password of the user and them I'm sending an otp on user's email. after varifieng user I want to store his data.
I want to use session for this, but I'm not getting any good way to create session in Next js
How can I do that?
What I have done to solve this is used browser cookie to store the token, as cookies allows expiry option.
let today = new Date();
today.setHours(today.getHours() + 1);
document.cookie = "User_Token=" + userTokenValue + ";expires=" + today +
";domain=https://www.example.com";
We're moving and updating our database because it's due for it, but we have an issue concerning authentication. We'd like to connect to the database only with an authentication key.
Our old CouchDB were not using any user and all the databases were public (no users permissions or anything like it). It was working but it is not what we want.
Now, with our 'new' CouchDB, we'd like to have our connections made with an authentication key only, but it looks like there's an expiration on the sessions made and we can't find the way to have a token permanent.
For the context, I'm using couchdb-python for my tools and I found some ways to start a session and get the cookies, therefore the authentication key, but either it is via couchdb-python or the web platform (Fauxton I think it's called), the expiration time is still there and after the timeout (as shown below) the session does expire.
Below is our local.ini for it.
We tried to add both required_valid_user = false and allow_persistent_cookies = true but to no avail.
[couchdb]
uuid = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[couch_peruser]
[chttpd]
port = 5984
bind_address = 192.168.140.66
require_valid_user = false
[httpd]
[couch_httpd_auth]
require_valid_user = false
secret = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
allow_persistent_cookies = true
timeout = 600
[ssl]
[vhosts]
[admins]
admin = -xxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xx
I'm pretty sure there's something we're overlooking or that we did not understand correctly.
Is there a way to get an authentication key to be permanent?
Is there a way to get an authentication key to be permanent?
The best would just be to use password authentication. The password never changes (unless you change it, of course).
But if you insist on using a token, you can increase the session timeout to some insane value:
[couch_httpd_auth]
timeout = 99999999999999
This is untested. I don't know what the maximum value is.
My Project is based on the
Loopback Getting Started Tutorial 2
I use the AngularJs SDK on the Client-Side and I want to implement the "Password-Reset"-Function.
First there is the /reset-password view, where you can enter your email address and ask for another password.
Then you get a link send per email that directs you to /set-new-password/{{accessToken}}/{{userId}}
On this view, the user enters the password and submit it. Afterwards it should find the User by Id and update its password.
But for User.findById and User.updateById I need the access-token in the Request-Header.
"Normally" the Request-Header always contains the access-token after the login. But since it's a password-reset, I'm not logged in.
I can access the access-token via $stateparams, but how can I set it in the Request-Header,so I can still use the AngularJs-SDK?
(I hope everything is clear. English is not my native language)
Edit: I have found someone with nearly the same question here. The not accepted answer works for me now.
EditEdit: Doesn't work always.. Sometimes it doesn't change the "authorization"-parameter in the Header. Can't figure out why
The solution with the LoopBack AngularJs SDK
In your angularJs controller
.controller(function (UserAccount, $location, LoopBackAuth, $scope) {
var params = $location.search();
var access_token = params.access_token;
$scope.reset = function(inputs) {
LoopBackAuth.setUser(access_token);
UserAccount.setPassword({ newPassword: inputs.newPassword });
}
})
You need to implement error control and ideally check the password twice before sending.
I want to use onsen ui and angularjs to develop a hybird application, but now I meet a problem, this application cannot store user's login information, so user must login everytime after they close the application.
I use $cookies, service, and $rootScope to store user's login information, but all of them can not work at android platform.
Anyone can help me to solve this problem?
On HTML5 mobile framework like Onsenui, I suggest to use localStorage.
You can take a look at these two AngularJs modules:
angular-local-storage
ngStorage
They have very well written instructions and demo codes as references.
use this plugin https://github.com/litehelpers/Cordova-sqlite-storage or something similar to create a sqlite database. Create a table with the information you want to keep (username and password). You can create a hash of the password and store it for better security (md5 or sha1).
You can also keep the timestamp of the login and keep the user logged in for a specific interval of time, so when he opens the app, check if you are inside this interval (e.g. day, week, etc.) from the last login and if yes, log him in automatically else show the login screen again.
if (window.localStorage.getItem("rememberMe") == "true") {
$scope.userEmail = window.localStorage.getItem("userName");
$scope.userPassword = window.localStorage.getItem("password");
document.getElementById("rememberMe").checked = true;
}
else {
document.getElementById("rememberMe").checked = false;
}
if (document.getElementById("rememberMe").checked == true) {
window.localStorage.setItem("rememberMe", "true");
window.localStorage.setItem("userName", $scope.userEmail);
window.localStorage.setItem("password", $scope.userPassword);
}
else if (document.getElementById("rememberMe").checked == false) {
window.localStorage.setItem("rememberMe", "false");
window.localStorage.setItem("userName", "");
window.localStorage.setItem("password", "");
}
Hi! have a look at the above code. It stores in local storage
Anybody have an idea, why cookie in Cakephp always get deleted automatically after function ends?
I try to write a cookie in let say function abc, with following :
$this->Cookie->write('referal', $ref);
Before that, in app controller before filter, i have initialized the cookie as following :
$this->Cookie->name = 'renttycoons';
$this->Cookie->time = 604800; // or '1 week'
$this->Cookie->path = '/';
$this->Cookie->domain = 'rent.local';
$this->Cookie->key = 'qSI232qs*&sXOw!';
But once the execution of function ends, the cookie was empty. when i try to read the cookie before function abc ends, it was there. There was no delete cookie method anyway.
yes, because the way Cookie in Cake works: when you use Cookie->write(), it doesn't directly write to the cookie, because the cookie is in the user's browser. Only until the view is rendered that the cookie you wrote is sent. So when you redirect, (I would guess the cookie doesn't get sent and flushed out because the view isn't rendered) the new request has the old cookie data.
If you want to persist some shared data within cake app, and unique to each visitor, use SessionComponent. It looks pretty much the same as Cookie: $this->Session->write('referal', $ref); and $this->Session->read('referal');