I am using satellizer jjs module for login using facebook and twitter. I am using angular js for front end and node js for backend. I am developing a website. When login using twitter the user is not able to come back to the application window after successful authorization in another window.
Kindly suggest something so that user automatically sent to application window after login.
Try to use implicit oAuth2 flow.
I'd initialize the $auth provider with responseType:'token'
Example:
$authProvider.twitter({
url: '/auth/twitter',
responseType:'token'
});
Related
I would like to authenticate my React js application while using the keycloak login page and be able to log out to my application.
I will like to display keycloak login page first and after user authentication it is directed to my react js application and on the application I would like to create a logout button which will redirect the user to the page connection.
You probably would like to have a look at the documentation - I think the javascript adapter might be what you are looking for:
https://www.keycloak.org/docs/latest/securing_apps/index.html#_javascript_adapter
I create external login page in my mvc app which
redirect User to custom login page..
and use that external mvc app in my angular js app.
But after login succesfully one should not able to open my angularjs app.
get Below error.
For implementing Azure AD B2C login with Angular Js application you can refer the GitHub sample
I have a .net core application that I'm trying to authenticate with azure ad.
I'm using C# web apis for for all backend.
The place where I'm getting stuck is how to force my user to login when coming to my app.
If I add Authorize to my api calls with they just fail and the page loads without getting the information from the api calls.
How do I tell my react app to go to the microsoft login page if they're not logged in? I'm thinking that I don't need tokens because I can just get the ms login link from my api call and login?
Is this something I can set in the startup page?
I have an application built by a previous developer that uses OWIN middleware with both cookie and OAuth tokens. It is an ASP.NET MVC app that is only using MVC views/controllers for login and a home view that hosts an entirely separate Angular app.
Bearer tokens are used to authenticate to the API once the app is entirely loaded but an auth cookie is used to load the initial scaffold MVC home view enclosing the ng app.
My issue is having a business requirement to allow users to login with unique credentials per browser tab therefore cookies cannot be used but simply use a session-based token to keep them separate.
Can an ASP.NET MVC app fundamentally operate without cookie-based auth?
If I can remove cookie auth and rely on tokens only this will solve my issue of having to rewrite the angular outer frame in solely angular code and reimplement login pathway.
A note: I am implementing IdentityServer3 and I found all samples there and elsewhere always have cookie auth as part of the mix thus my question here.
I think what you want to do here is the following:
Add an [AllowAnonymous] on the Home controller
In the application that is loaded by the Home page, use a browser side package like oidc-client to perform a user login. This will return an id and an access token.
Inject the access token in you REST service requests.
Use UseIdentityServerBearerTokenAuthentication to filter and authenticate bearer tokens in the WEB API server.
I have an angular app that I need to secure. We have a central SSO app in our organisation.
This central app provides a login page and sets cookie after authenticating the user.
Now I need to redirect user from my angular app to this central login page in case authentication cookie is missing/expired.
Can someone please help, how can I redirect to a different page using angular routing ? It seems angular always redirect only relative to base url.
I also tried to use spring mvc and security to restrict access to index.html from server end, but I am not able to set the mapping for showing index.html file (outside web-inf) from dispatcher servlet.
angular's routing is for routing within the page.
Use native location.href for this.
It sounds to me that you are trying to have partial AngularJS page and partial Spring MVC web application. I have also tried this, but then things did not go so well.
If you want to build a web application using AngularJS, I suggest you to start using AngularJS fully as Single Page Web Application and use your Spring MVC as a RESTful web service which is secured by Spring Security.
Read this article: restful-web-service-with-spring-security
The custom AuthenticationEntryPoint must return an HTTP status which AngularJS will process further in $http.success or $http.error. In case of $http.error you force user to go to the login page maybe something like $location.url("/login");
To make all $http.error points to the login page, you can use AngularJS http interceptors.
NB: You should secure your whole web application on the web server level by permanently redirect from http to https. Example: Apache HTTPD