When I sign in, my login should be saved, I don't want to enter the userName Password each and every login time.
below my code :
login() {
this.userService.login(this.user)
.subscribe(
(response: any) => {
this.router.navigate(["/dashboard"]);
},
(error) => alert(error)
);
}
userService.ts
return this.http.post(
url,
JSON.stringify({
name: user.email,
password: user.password
}),
{
headers: new HttpHeaders().set('Content-Type', 'application/json'),
responseType: 'text'
}
)
.map((response: any) => {
for (var x in response) {
if (response.hasOwnProperty(x)) {
}
}
console.log("_body: " + response._body);
return response._body;
})
.catch(this.handleErrors)
}
It's good to keep in mind that any keys and values written to the UserDefaults and SharedPreferences, so the native APIs that are used by the application settings module and the getString and setString methods are simply stored on the disk, for anyone with access to the phone to see. This API is not meant for storing sensitive data, and is meant solely for persisting user settings, so 'defaults' and 'preferences'.
If you want a way to securely store email addresses and passwords on the device, take a look at this library: Nativescript-secure-storage. It does a very similar job to the aforementioned APIs but everything is encrypted so people can't just read the contents from the disk.
NativeScript has exposed the application-settings module. The Application Settings module is used to store strings, booleans, and numbers in a built-in key/value store. Uses SharedPreferences on Android and NSUserDefaults on iOS.
So for example, you could store the login information and use it to check if the user has already been logged in (just as you would do in native Android & iOS projects) - demo POC here
Just like #Nick suggested, you can use application-settings module to store your access token that you can use for underground check later when the user returns.
After successful initial login attempt, get your JWT token from the login process ( or whatever authentication mode you chosse ) and to store it for re-authentication later or just check if the key/[value] is set previously and can be used for simple offline login as well.
use JWT, also you can use offline data.
look at this link for example:
https://medium.com/#njwest/building-a-react-native-jwt-client-api-requests-and-asyncstorage-d1a20ab60cf4
you can use local storage.
You may have
<TextField hint="{{ 'user_name' | L }}" autocorrect="false" required autocapitalizationType="none" [(ngModel)]="model.email"
#emailModel="ngModel" name="email" keyboardType="email"></TextField>
While logging in the component, save it in localstorage
localStorage.setString("username", this.model.email);
in ngOnInit(), you can fetch it back
localStorage.getString("username");
Related
Using Plaid version "2020-09-14". I am following these instructions https://plaid.com/docs/auth/coverage/same-day/
I'm using node js to generate a link token and i successfully do:
var plaid = require('plaid');
const client = new plaid.Client({
clientID: process.env.PLAID_CLIENT_ID,
secret: process.env.PLAID_SECRET,
env: process.env.PLAID_ENV
});
console.log('client is ',client)
app.post('/api/create_link_token', async function (req, res) {
try{
const response = await client.createLinkToken({
user: {
client_user_id: '123-test-user-id',
},
client_name: 'Plaid Test App',
products: ['auth'],
country_codes: ['US'],
webhook: 'https://webhook.example.com',
language: 'en'
})
return res.send({link_token: response.link_token})
} catch (error) {
// handle error
console.log('error',error)
return res.send({err: error.message})
}
});
I get a link token everytime I run this. Then, i use said link token to try to authenticate the user's bank by using same day micro deposits (my company is setup for this through Plaid).
What keeps happening is the screen pops up that asks you to search for your bank and I do not want that. I want the screen to popup just like the one at the top of the page in the link I listed above. It asks the user for their name first, then routing, then account numbers.
How do I make the Plaid api show me the screen that prompts the user for their accounting/routing numbers without trying to authenticate them automatically with their bank username and password?
Thanks
You can't, at least right now, using publicly released Plaid APIs. (You're not the first person to ask for this, and we're working on some stuff that should help, but it isn't yet available to the developer general public.)
Is it possible to call a cloud function that returns objects without having a current user? The iOS and Android SDKs support anonymous users but I'm asking specifically for JavaScript.
I'd like to allow it so that anyone who visits my web app can read objects without having to sign in. I'm using Back4App.
Yes. You can call a cloud code function no matter the user is logged in or not. Inside the cloud function you can check the user property of the request object to check if the user is either logged in or not. In the case that your user is not logged in and you want to query a class which requires user permission, you can use the useMasterKey option.
Parse.Cloud.define('myFunction', async req => {
const { user, isMaster } = req;
if (isMater) {
// the cloud code function was called using master key
} else if (user) {
// the cloud code function was called by an authenticated user
} else {
// the cloud code function was called without passing master key nor session token - not authenticated user
}
const obj = new Parse.Object('MyClass');
await obj.save(null, { useMasterKey: true }); // No matter if the user is authenticated or not, it bypasses all required permissions - you need to know what you are doing since anyone can fire this function
const query = new Parse.Query('MyClass');
return query.find({ useMasterKey: true }) // No matter if the user is authenticated or not, it bypasses all required permissions - you need to know what you are doing since anyone can fire this function
});
I'm new to building APIs, and I'm using Laravel and some packages, like Passport.
In this project I'm creating an API to communicate with a mobile app and make some tasks, like creating users and adding some information related to the users.
I'm already getting the idea of how it works with tokens, and I already have almost everything done. My only question is, for example, before I create a register user to receive the token I have other information being presented in the mobile app, like news, and some listing information that is not needed to login or register.
In my API I already have these routes ready, but I cant access this information because I need a token.
How do iI handle this situation? When I need to access information, where I cant present it?
Use your controllers to retrieve the data you need from your database and then return a response with the data and create a token for the user:
...
$status = 200;
$response = [
'data' => Your data (user info, listings, news...),
'token' => Auth::user()->createToken("YourTokenName")->accessToken,
];
return response()->json($response, $status);
Then you could store that token in localStorage:
axios.post('your-api-route')
.then((response) => {
localStorage.setItem(`${"YourTokenName"}.jwt`, response.token);
...
})
And finally attach that token to the api routes that require authentication:
axios.defaults.headers.common['Authorization'] = 'Bearer ' + localStorage.getItem(`${YourTokenName}.jwt`);
I am trying to migrate users to Cognito when they sign in the first time. For this I wrote a lambda function that does call an API to check if the users exist in db or not ? if the user exists, it will be created in cognito but I am not sure how do I tell the application that user is created and it should allow the user to login .
Here is the code in c#:
public async Task<Stream> FunctionHandlerAsync(Stream stream, ILambdaContext context)
{
RootObject rootObj = DeserializeStream(stream);
User user = new User(rootObj.userName, rootObj.request.password);
ApiResponse apiResponse = await MobileAuthenticateAsync(user.UserName, user.Password);
// Considering apiResponse returns "user authenticated", we create the user in //cognito. This is working.
// How do I send response back to Application so it knows that user is // //created and authenticated and should be allowed to login.
//Before returning stream, I am setting following 2 status.
rootObj.response.finalUserStatus = "CONFIRMED"; // is this correct ?
rootObj.response.messageAction = "SUPPRESS";
return SerializeToStream(rootObj);;
}
You're pretty close.
You can see the full documentation on the Migrate User Lambda Trigger page, however in short you need your response to look like:
{
response: {
userAttributes: {
email: 'user#example.com',
email_verified: true,
custom:myAttribute: 123,
},
finalUserStatus: 'CONFIRMED',
messageAction: 'SUPPRESS',
forceAliasCreation: false,
}
}
Where:
userAttribute: this is a dictionary/map of the user's attributes keys in cognito (note that any custom attributes need to be prefixed with custom:), to the values from the system you're migrating from. You do not need to provide all of these, although if you're using an email alias you may want to set email_verified: true to prevent the user having to re-verify their e-mail address.
finalUserStatus: if you set this to CONFIRMED then the user will not have to re-confirm their email address/phone number, which is probably a sensible default. If you are concerned that the password is given as plain-text to cognito this first-time, you can instead use RESET_REQUIRED to force them to change their password on first sign-in.
messageAction: should probably be SUPPRESS unless you want to send them a welcome email on migration.
forceAliasCreation: is important only if you're using email aliases, as it stops users who manage to sign-up into cognito being replaced on migration.
If you respond with this (keeping the rest of the original rootObj is convenient but not required then the user will migrated with attributes as specified.
If you throw (or fail to respond with the correct event shape) then the migration lambda fails and the user is told that they couldn't migrated. For example, because they do not exist in your old user database, or they haven't provided the right credentials.
Hello guys I want to make the remember me checkbox and I want to save the user info into cookies so next time when try to login he find the user name and password in their fields I try to use :
$rememberMe = false;
if(isset($req->remember_me)) {
$rememberMe = true;
}
if(Sentinel::authenticate($req->all(), $rememberMe)) {
$slug = Sentinel::getUser()->roles()->first()->slug();
}
The cookies was set, I see it in the chrome settings but it does not do as I expect
I'm using laravel 5.2
You can use Cookies
cookie, is a small piece of data sent from a website and stored in a user's web browser while the user is browsing that website. Every time the user loads the website, the browser sends the cookie back to the server to notify the website of the user's previous activity
To create:
$response->withCookie(Cookie::make('name', 'value', $minutes));
To retrieve
$value = Cookie::get('name');
Your question is not to remember the user login.. The question is how to fill the inputs based on saved auth information. You can do that if you print the authentication values in the input value attribute while loading the page.
larval Cookies Docs
Also Laravel has it's own implementation of "Remember Me"
if (Auth::attempt(array('email' => $email, 'password' => $password), true))
{
// The user is being remembered...
}
if (Auth::viaRemember())
{
//
}
More information about https://laravel.com/docs/5.4/authentication#remembering-users
There is two main thing need to taken care:
1) You must pass a bool value as second parameter to the method, make sure you cast it before passing it to the method. - In your code, it's perfect
$credentials = $req->only('LOGINNAME', 'PASSNAME')
if(Sentinel::authenticate($credentials , $req->has('remember_me'))){
//Other stuff
}
2) you can verify it works by ensuring a cookie is set with the key cartalyst_sentinel?
So first change as per 1) option and then check the 2) option, may be this is your answer.