aurelia-open-id-connect icon indicating copy to clipboard operation
aurelia-open-id-connect copied to clipboard

Published 20 hours ago verified publisher icon aurelia-contrib

Best approach when all routes requires an authenticated user

Open larserikfinholt opened this issue 7 years ago • 8 comments

Hi! First, thanks for this plugin, it works great!

In our new app we only allows authenticated users. That is, we dont need a login button. If the user is not logged in, the app should imediatly redirect to the STS (Identityserver).

What are the recommended way of doing this?

This is what we want to achive:

  • As fast/early as possible, check for a already logged in user (Any helper methods for this?)
  • If user is not logged in - redirect to STS
  • If user is logged in - continue booting the app

Are there any build in functionality in the plugin to help with this?

larserikfinholt avatar Dec 01 '17 09:12 larserikfinholt

I can put together a small demo for you later this week. Off the top of my head, I think it is as simple as adding the following to the attached method in app.ts.

this.openIdConnect.observeUser((user: User) => this.user = user);
if (!user) {
    this.openIdConnect.login();
}

See https://github.com/shaunluttin/aurelia-open-id-connect/blob/master/src/open-id-connect.ts for the plugin API. You might also what to try loginSilent() instead of or in addition to login().

shaunluttin avatar Dec 01 '17 22:12 shaunluttin

Thanks, I did try something like you descibed, but it sometimes ended in a loop, but I did'nt do much testing. If you would create a small demo, that would be really great!

larserikfinholt avatar Dec 07 '17 16:12 larserikfinholt

Apologies for not having responded. I have been away from the computer for a while.

shaunluttin avatar Dec 11 '17 23:12 shaunluttin

This appears to work in the app.ts code:

  public attached() {
    this.openIdConnect.observeUser((user: User) => this.onUserChanged(user));
  }

  private onUserChanged(user: User) {
    this.user = user;
    if (!this.user) {
      this.openIdConnect.login();
    }
  }

shaunluttin avatar Dec 16 '17 02:12 shaunluttin

Hi all, I remember I posted a piece of code before as well. On an issue, including a check if the user is still logged in. I'll try to find it.

AndreSteenbergen avatar Dec 16 '17 19:12 AndreSteenbergen

Maybe you can find your answer here: https://github.com/shaunluttin/aurelia-open-id-connect/issues/25

AndreSteenbergen avatar Dec 16 '17 19:12 AndreSteenbergen

The login silent call is to check if the current user still has a valid session. Because userdetails are placed in local storage.

AndreSteenbergen avatar Dec 16 '17 19:12 AndreSteenbergen

I'll see if I can get this baked in, we did something similar in a project of ours

arnederuwe avatar Sep 25 '19 11:09 arnederuwe