I am trying to login as admin using mobile device and after successful login, I am setting cookie in response header. Mean while, when I try to access routes from other device(laptop), I get all admin access from other device.
How do I maintain session for multiple users ?
Also the problem is I am trying to maintain the view state in global object(login/logout button based on if user in logged-in or not) which get lost with server-side rendering.
I mean all the JavaScript variable data(DataMixin object in my case) is lost.
How to develop isomorphic riotjs app? See similar issue fixed in reactJs: https://github.com/reactjs/react-chartjs/issues/57
State:
document.addEventListener('DOMContentLoaded', function (e) {
DataMixin = { //Global object
setAuthentication: function(){
if(arguments[0] != null){
localStorage.setItem('role', arguments[0][0]);
localStorage.setItem('loginStatus', arguments[0][1]);
}
},
getRole: function(){
return localStorage.getItem('role');
},
}
}
View:
<a href="#" if="{DataMixin.getRole() == ROLE_USER}">ADMIN LOGIN</a>
<li if="{DataMixin.getRole() == 'ROLE_ADMIN'}">
<a onclick="{logout}">LOGOUT</a>
</li>
Loading pages from server-side using node+express:
function urlDataApiResponse(url, params, req, res) {
swig = require('swig');
var header_tag = require('./public_html/tags/header_tag.tag');
var blog_post_details_tag = require('./public_html/tags/blog_post_details.tag');
var footer_tag = require('./public_html/tags/footer_tag.tag');
var blog_sidebar_tag = require('./public_html/tags/blog_sidebar.tag');
var slide_menu_tag = require('./public_html/tags/slide_menu.tag');
app.engine('html', swig.renderFile);
app.set('view engine', 'html');
app.set('views',__dirname + '/public_html/tags/');
var postDetails = {};
console.log('url inside getApiResponse ', url);
var options = {
method: 'GET',
uri: url,
qs: params,
headers: {
'User-Agent': 'Request-Promise'
},
json: true // Automatically parses the JSON string in the response
};
rp(options)
.then(function (response) {
createJWT(req,res);
var postDetails, categories, blog_sidebar_tag_rendered, slide_menu_tag_rendered,
header_tag_rendered, blog_tag_rendered, footer_tag_rendered;
postDetails = (response[0].attributes);
console.log('.............................................................');
console.log('.............SERVER-SIDE-RENDERING:START.....................');
console.log('.............................................................');
header_tag_rendered = riot.render(header_tag, {role: storage.getItemSync('role'), loginStatus: storage.getItemSync('loginStatus') });
slide_menu_tag_rendered = riot.render(slide_menu_tag, {role: storage.getItemSync('role'), loginStatus: storage.getItemSync('loginStatus') });
blog_tag_rendered = riot.render(blog_post_details_tag, {details: postDetails, role: storage.getItemSync('role')});
blog_sidebar_tag_rendered = riot.render(blog_sidebar_tag);
footer_tag_rendered = riot.render(footer_tag);
var meta_details = {
postImageUrl: postDetails.userImage,
title: postDetails.title + " - Rootscopeit.in",
description: postDetails.details.substring(0,200)+"...",
details: postDetails.details,
url: postDetails.url
};
res.render('blog_post_details', {
open_graph: meta_details,
header_details: header_tag_rendered,
slide_details: slide_menu_tag_rendered,
article_details: blog_tag_rendered,
sidebar_details: blog_sidebar_tag_rendered,
footer_details: footer_tag_rendered});
console.log('............................................................');
console.log('............SERVER-SIDE-RENDERING:END.......................');
console.log('............................................................');
})
.catch(function (err) {
console.log('=================================');
console.error('POST error ', err.stack);
console.log('=================================');
return res.status(res.statusCode).send(err);
});
}
Setting cookie in passport js:
//==============
//TOKEN CREATION
//==============
function createJWT(req, res){
var claims = {
sub: 'Social Authentication',
iss: 'https://rootscopeit.in',
};
var jwt = nJwt.create(claims, secretKey);
jwt.setExpiration(new Date().getTime() + (60 * 60 * 1000 * 1)); // One hour from now
var token = jwt.compact();
var cookies = new Cookies(req, res).set('access_token', token, {
//httpOnly: true,
//secure: true // for your production environment
});
}
//=======================================
//===Google Authentication
//=======================================
var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth20').Strategy;
app.use(passport.initialize());
app.use(passport.session());
passport.serializeUser(function (user, done) {
done(null, user);
});
passport.deserializeUser(function (obj, done) {
var user = USERS[id];
done(null, user);
});
app.get('/auth/google', passport.authenticate('google',
{scope: ['profile', 'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/plus.profile.emails.read',
'https://www.googleapis.com/auth/blogger']}));
app.get('/auth/google/callback', passport.authenticate('google', {failureRedirect: '/', failureFlash: true}),
function (req, res) {
console.log('success authentication');
createJWT(req,res);
res.send(popupTools.popupResponse(req.user));
}
);