I have a single GAE app, which serves two different variations of the application depending on the invoked URL. Is it possible to have a per-url welcome page, without having the request map to a servlet which would slow the page load too much.
So, by way of example...
My app lives at myapp.appspot.com
I have two domains mapped to this app, myapp1.com and myapp2.com
If the user accesses myapp1.com, I want to serve myapp1-index.html, and
if he accesses myapp2.com, I want to serve myapp2-index.html
I never played with GAE on Java but I'm guessing you could do something based on the requested URL. I believe you can check the requested URL with the following inside your request:
httpServletRequest.getRequestURI()
Where httpServletRequest is the HttpServletRequest parameter from your doGet() method.
Related
I'm building a bit web app where user can save his websites.
My problem is that Auth::check() returns false even if me as user I'm logged in when I try to get data throw API.
I use one WebsiteController and I put the route to this controller inside api.php route folder.
I can access http://localhost:8000/website but not http://localhost:8000/api/website.
I'm biginner, please any one can help me ?
Register API routes in the routes/api.php file. In Laravel, API
routes and web routes are registered in separate files to avoid
mixing them all up.
After authentication, store the token in local storage and send
those access token details in each request header.
Ref Sample here : https://medium.com/#Gbxnga/token-based-authentication-with-react-and-laravel-restful-api-83f16581e85
Assumption / understanding **: As per the Given brief information, you are tryign to create a CRUD application in react and it calls Laravel API to manage those websites ?
**Note: On what you are tryign to accomplish with /api/someroute (is my assumption / understandig is correct?) and where you are calling it in react. Those code snippets you should share and what is expected - when that service call is happneing. Example Return a json and prepoulate list of added websites in home page etc . And instead of happening that, it redirects user to /someroute ? .
I have 4 angular applications one is a landing app which asks user to login and has to redirect the user according to its type
to one of the other 3 applications. I am unable to figure how to should i achieve that.
Have the three apps running on different subdomains. Upon login backend send a redirect response, figuring out what type of user it is?
But this leads to cors Error. Also i am not sure whether the cookie which i am setting will be accessible in all the subdomains or not.
Is there a way out?
You can do a redirect, but it seems like an unnecessary step (and kind of convoluted for this type of application).
Instead of returning a redirect based on login, it seems more straightforward to just return the address you want to redirect to in the response. Trigger a lookup to determine which app you should be directing to (however you're doing that) and then return the address of the app in the response data. From within Angular, you can extract the address from within response.data in $http. (see angular docs). The nice thing here is you also keep routing control and knowledge of state within Angular itself.
As for the apps themselves--instead of a subdomain, you can simply put the apps into different folders on your domain. This deals with CORS and the cookie issue.
Otherwise, you'd need to set a CORS header. You would do this on whatever backend you're sending the requests to--there's usually some sort of library to make it easy, for example, Flask CORS for Flask. If you need to share cookies in this case, this StackOverflow answer discusses one way of doing it (using an intermediary domain).
Generate a security key for the user session with some TTL in an authentication table when you authenticate the user with your App1
Redirect the user to any other app in any domain with this security key where they can query the authentication table and verify the user.
Let these other applications work on their own (in the front end) and communicate with the back-end with the security key when necessary.
Lot of PHP frameworks has built-in support for this mechanism. My favorite is Silex.
I have an angularJS application whose authentication system is made with an access_token and communicating with a backend server written in Go
Therefore to authenticate the user, I have to add the access_token to each request ?access_token=SomeTokenHere or via a header Access-Token: SomeTokenHere
It works great.
The issue is that my backend serves protected images, and I cannot put the access token in the image src for some security reasons(If the user copy/paste the link to someone else, the access_token would be given too ...)
What I'd like to do is to inject a header containing my access token, but since the request is made from the browser it doesn't possible.
This could probably be possible with a cookie, but I'd to avoid using a cookie especially because the angularApp and the backend are not on the same sub-domain.
Another idea would be to create a directive that would get the raw data, and set the data to the image. First I don't know if this is possible and is it a good idea for hundreds of images in the webpage ?
If you have any idea, I'd be glad to hear from you !
Thanks
It is typical problem, and fortunately it was already solved - for example on Amazon S3.
Solution idea is simple: instead of directly using secret key - you can generate signature with access policy, using that key.
There is good algorithm designed especially to generate signatures for this purpose - HMAC
You can have one secret key on your server and use it to sign every image URL before it would be sent to client, also you can add some additional policies like url expiration time...
The Problem
When uploading a file using the Go Blobstore API, the success path redirects to the wrong appengine module. Here is a more visual description of the problem:
User lands on the upload page of module A: http://A.my-appengine-app.com/upload
User's browser makes a request to the module for an upload session: http://A.my-appengine-app.com/upload/session
Module A defines a handler for /upload/session which runs the following Go code: url, err := blobstore.UploadURL(c, "/upload/success")
The method returns a URL, similar to: http://A.my-appengine-app.com/_ah/upload/[some long hash]/
This URL is relayed back to the user's browser and inserted into the action of a <form>.
The user submits a multipart POST request to the URL
Whatever handles the URL (some non-user-space appengine handler), attempts to redirect back to /upload/success
This is where things get weird. In development, the server redirects to "/upload/success" in module A. In production, the server redirects to the main module, which we can call B for now. I can tell this is happening because I am getting a 404 in my web console and the logs indicate that the request is being made to module B. I've even gone so far as to explicitly pass the hostname as part of the success path (step #3), but to no effect.
Current Solution (Not Ideal)
It seems my only recourse is to define a handler in module B to handle the request as module A would. Since the goapp architecture globs all the modules together, this isn't the worst tradeoff in the world, but it's semantically wrong given that modules are supposed to be vertically independent. If anyone has any idea how to work around this, I'd be obliged. For now, I'll take the aforementioned approach.
My website generates some short URLs when users share a link (ex: http://futureo.us/l/ixjF).
These short URLs redirect the user to the original content I'm linking to. Before redirecting, the app renders a page that contains only Google Analytics javascript code.
Currently my handler code looks like this:
class PostHandler(handler.Handler):
def get(self, code):
#strip URL shortcode
code = code.strip('/')
#grab URL based on shortcode
url = scripts.urlshort.getURL(code)
if url:
self.render('tracking.html')
self.redirect(str(url))
else:
self.write('Code not FOUND.')
This solution isn't working. GA is not registering pageviews to these short links. I would alo like to see who where the referrers to these short-links.
Any ideas how I could fix this?
I believe your problem is that you're adding an HTML tracking code, in a response that has HTTP redirection. Probably the HTTP redirection is processed earlier than the HTML, if the latter is evaluated at all.
Seems to me that the best solution would be to track the redirects on the server side rather than on the client side. As these are redirects anyway, you don't need to track client-only data such as time spent on page, page events etc. Tracking the redirect would be most accurate and simpler if done in the python code. (I don't know, though, of a way to use the google analytics tools for tracking these; for my uses I just track the redirects in an NDB model).
Another solution, which might be slower on the user experience, is to avoid using HTTP redirect (self.redirect) and instead put a javascript client-side redirect which will be evaluated after the tracking code.
window.location = "{{url}}";