All of the examples of the ng-grid (AngularUi grid component) use GET requests.
I am using CakePhp and have got an Action function in a controller which returns json.
Is there a way to secure GET requests to that Action function? Do I use the in-built security of CakePhp to restrict access to that controller?
At the moment, I can just load the route to it in a browser for the world to see. And that is not ideal.
This is what I am looking for - SecurityComponent::$csrfCheck
Found at the security component part of the API.
I should have looked harder.
Thanks!
Related
I´d like to know if exists a better way to render a view like this:
For the first load I need bring data from Controller like usual but after apply a filter in same page I need to start use AngularJS and never more uses Razor.
Is there a way to do that ?
Thanks for all.
Yes. you can do that.
Basically, you'd need to add the line below in your view. After you do that, the json is going to be available to the DOM / javascript and angular can take it from there. Hope this help
var json = '#Html.Raw(Model.MyJsonStringForMyCoolAngularJsApp)';
There are multiple ways to implement ASP.Net MVC with AngularJs.
I personally like Mini SPA (Silos). You can watch Miguel A Castro's video here.
You can also download the source at his website.
What it does is when a request comes in, it goes to ASP.Net MVC Route first. Then, Angular Route takes over the rest. It is a very slick design.
FYI: I also use Angular.Net Helpers to generate strongly typed views.
You could use WebAPI project in visual studio to exchange data between frontend and backend. It would go stateless, so to secure the data, you could use a mechanism like JWT.
The frontend would exchange JSONS from/to the backend using REST apis.
Yes. You can make angular views and exchange data using $http.get(/controller/method/). You can also configure routing using ngRoute.
I am confused about how to process my form(s) using django, django-rest-framework, angularjs, and django-angular.
Using standard Django techniques I can create a model form in my view and pass it to my template.
Using django-angular, I can ensure that the form has lots of pretty bootstrap3 styling and integrates well w/ angularjs.
Using angularjs, I can bind the form to javascript models and gets loads of cool interactive functionality.
Using django-rest-framework, I can load the initial form data via a RESTful API which returns JSON.
This all works great. I am just not sure what to do when submitting my form though...
Should I submit using an angular function that calls my RESTful API? Or should I submit using normal Django methods (ie: if form.is_valid(): form.save()?
I am refactoring this code from a pure Django app and the forms have some extremely complex custom validation methods. I am not sure that I can (or should) replicate that in angular.
Is there a "best practice" out there? Given that I can GET and POST via my RESTful API, what is the advantage to still doing it via Django?
note: I just thought that custom serialization validation should let me have the same level of complexity going through django-rest-framework as I previously had in pure Django. Whether this is a good idea or not is still a valid question.
note2: angularjs & django-rest-framework sure does seem faster.
It is common practice to submit the data through the API and let the serializer do most of the validation for you. You can then do custom validation if needed. You can take a look here for more information on custom validation if you need it. But it does a pretty good job and I rarely have to write any custom validation.
Some of the problems you may run into with trying to do it through pure django, is that it will mess up your SPA. Doing a POST request will require you to "leave the SPA" and return back to it. Other issues such as CSRF tokens are also a pain in the butt to try and figure out. Best to just use your REST API.
I'm looking for a way to route URLs to different controllers depending on the value of the HTTP 'Accept' header.
All I have found so far is the official CakePHP documentation on routes but it is not very detailled.
Is this possible using route configurations or do I have to do this another way (e.g. by implementing a DispatcherFilter to inspect the CakeRequest)?
I want a set-up where I can seamlessly distribute responsibilities
between server side and client side: e.g. letting the client handle
the view creation instead of the server responding with an HTML
document.
Guess you're using something like AngularJS? Well, then you expect a data format back instead of HTML I guess. So request application/json via the accept header and / or the extension. Cake can detect both and respond accordingly.
Read about JSON and XML views in the manual.
http://book.cakephp.org/2.0/en/views/json-and-xml-views.html
I would like to know what is the proper way to get data from backend when I want to use angularJs (or similar) in my web app?
The only way I see is to render html (static html with js scripts - e.g. angularjs) with no data from backend and then download data via ajax requests from my backend API. But I think this solution is not good because of many HTTP requests:
For example I have blog website, I want to show a post, comments, and the related posts on the sidebar. So probably I need to make at least 3 HTTP requests to get the data unless I will prepare API to get all I need in one request.
I can also imagine websites that could have much more HTTP requests. Is it a proper way to do this? Doesn't it overload a server? Or my way of thinking is so wrong?
It is either websockets or HTTP requests. Preparing API to get all in one request is one option. Another two options are XMLHttpRequest/iframe streaming which is a method of a technique known as Comet.
I would go with websockets since it is supposed to solve the problem that was previously solved with weird applications like iframe streaming. There are libraries that properly handles fallbacks if the browser does not support websockets:
web-socket-js ( this needs a websocket server )
Socket.IO ( this has a node.js module and also implements a kind of unnecessary protocol on top of websocket protocol )
If you choose the old methods there will be many problems waiting for you on the road like XmlHttpRequest.responseText while loading (readyState==3) in Chrome
I think you have to distinguish two cases:
You render the page for the first time.
You update parts of your page when something changes
Of course in the second case it makes sense to fetch only parts of the page via individual HTTP requests. However, in the first case you can simply serialize your complete model as one JSON object and embed it in the page like this:
<script type="text/javascript">
var myCompleteModel = { /* Here goes your model */ };
<script>
The controllers of the components on your page can then access this global variable to extract the parts being relevant for them. You can also wrap access to the initial model in a service to avoid accessing a global variable in all your controllers.
I need to post a product details in twitter whenever it is added in my website.I am using Cakephp, and i use twitter datasource available in book.cakephp.org . It returns a 'Basic authentication is not supported ' message
when i searched it, i get that twitter is now using OAuth, how can i impliment this in my data source?. i did it referring the below url
http://book.cakephp.org/view/1077/An-Example
Anybody please help.
The Cake Book link seems to be out of date and relevant to the time before Twitter implemented OAuth.
I have accomplished what you're trying to do using http://code.42dh.com/oauth/ but this is basically a controller and a component, not a datasource as you asked.
There's a CakePHP OAuth Datasource for CakePHP which might work (I haven't tried it) but you'll need to add the PHP Oauth library too. If you choose to do this, let me know if it works as interacting with Twitter as a datasource makes a lot more sense, especially as Cake are depreciating components.
I have created this - it isnt a datasource but it provides a model you can use to accomplish what you need to do:
https://github.com/voycey/CakePHP-Twitter-API-v1.1-Full
You can either use a Shell to have it post automatically or you can just call it in your controller when you add your entity.