Skip to content

Adds cookie based login, also called "remember me"-functionality. #299

Merged
merged 1 commit into from Mar 5, 2014

3 participants

@hermansc
Collaborator

This commit fixes issue #284 by adding cookies/authentication tokens at the
client side and validating these in the DB. When a user either registers or
logs in, without already having a cookie, a sha1-hash is generated using the
username and a secret key. This hash is stored in a DB-table calles 'Session'
and client side using the jquery-cookie plugin. When closing and opening the
application again we check if the users have a 'auth_token' in their cookies,
if this is the case we check its validity in the DB. If everything is OK, we
'jump through the hoops' and sets the user as logged in, restores his/hers
connections and render the chat_application. If it is not valid we delete the
cookie at the client and render the overview page.

As I've never actually implemented a cookie-based login system using javascript
before, I do not know if this solution is optimal and I'm more than happy to
discuss alternative approaches or restructure the code.

@hermansc hermansc Adds cookie based login, also called "remember me"-functionality.
This commit fixes issue #284 by adding cookies/authentication tokens at the
client side and validating these in the DB. When a user either registers or
logs in, without already having a cookie, a sha1-hash is generated using the
username and a secret key. This hash is stored in a DB-table calles 'Session'
and client side using the jquery-cookie plugin. When closing and opening the
application again we check if the users have a 'auth_token' in their cookies,
if this is the case we check its validity in the DB. If everything is OK, we
'jump through the hoops' and sets the user as logged in, restores his/hers
connections and render the chat_application. If it is not valid we delete the
cookie at the client and render the overview page.

As I've never actually implemented a cookie-based login system using javascript
before, I do not know if this solution is optimal and I'm more than happy to
discuss alternative approaches or restructure the code.
45fd5e2
@thedjpetersen thedjpetersen merged commit c09e085 into thedjpetersen:master Mar 5, 2014
@thedjpetersen
Owner

Thanks!

@jamietech

The issue with this change is that when multiple accounts are being used (i.e., to be able to connect to more than one network) it is now no longer possible to "logout" (or the option is hidden from the UI).

@hermansc hermansc deleted the hermansc:remember-me branch May 9, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.