Can anyone help. I have created a small WP7 and its working the way i want it to.
It always asks the user for username and password to enter the application, I also have a button called "Remember Settings", if this is checked the next time the application is loaded i would like it to login autoamtically hence the user will not see the login screen and it will bypass this view and load another.
I need some way to load 1 xaml is the user credentials don't exist or are not valid and another the main app xaml if credential exists and are valid.
It appears that the loading of the page is hardcoded in the manifast. As you can see i am loading my LoginPage.
<Tasks>
<DefaultTask Name ="_default" NavigationPage="LoginPage.xaml"/>
</Tasks>
SO what would my best way of accomplishing this, I thought of changing creating xaml (entance file) where i could check in the constructor of my VIEWMODEL if the credentials exists etc and then do a navigateTo another page. But this feels like code smell..
Can anyone help with advise or examples of the best way of accomplishing this.
I am actually using MVVM Light but things should be pretty much the same?
Thanks in advance
You can do by storing user credentials in ISOLATED STORAGE of windows phone 7. Once User checks remember settings or credentials checkbox then you save these settings in isolated storage. And Next Time As Your Application Launches And Suppose Your Default Page is "MainPage.XAML". Then On This Page OnPageNavigated Event Check For User Settings. If Settings There Then Redirect To User on Other View (Logged View). Otherwise User Will Be On MainPage.xaml. And Logout Button You Can Clear These Settings..
Here is Good Example Here For ISOLATED Storage.
http://msdn.microsoft.com/en-us/library/ff769510%28v=vs.92%29.aspx
http://go.microsoft.com/fwlink/?LinkID=229120 (Example Code)
http://www.windowsphonegeek.com/tips/all-about-wp7-isolated-storage--intro-to-isolated-storage
Hope this will help you. :)
Try storing the username, password, authtokens or any other value which you need to check for authentication in settings.
On opening of login page, check the value of your token from settings in the OnNavigatedTo method. If its not null, it means user is already logged in, then you can redirect him to you Home screen else show the login page and ask him to enter the credentials.
Also don't forget to save the settings on app exit. Check this link below for further help
http://msdn.microsoft.com/en-us/library/ff769510(v=VS.92).aspx
On Logout, clear the tokens in the settings page
Related
I have a home page url http://localhost:3443/home1
In the index action of home1 I am having a session["Home"]=Home1.
I am having another home page url http://localhost:3443/home2
There i have a session session["Home"]=Home2.
Now the context is for some user the landing page is home1. So if they click on home button on the menu or or do any such activity they should land into home1.
For another set of users they should land into home 2 for whatever activity they do which leads to the home page.
Now the menu.it is a ascx control
Here we are checking the session value is home1 or home2.
Based on that we are redirecting the user to the desired landing page.
Now the problem that I am facing is when we copy
http://localhost:3443/home1 to another tab e.g. tab2 and from there we change it into home2 and then do some activity. And then come back to tab1, what happens the value gets overridden it taken the home2 session. Which leads to the wrong landing page on click of home link in the menu. Do you have any solutions for this problem?
I hope i have correctly explained the problem if not please let me know,I will explain further.
Session is for the connection which will include both tabs (for example why you can login to stackoverflow on one tab and then if you open a second tab you are still logged in)
As #Skuld mentioned, the session is for user connection to the site so if the user goes to another page he or she is allowed to go they can open this in a new tab keeping the original tab open, if these are form pages you might want to look at 14 AntiForgeryToken. also i noticed you said this happens in IE does this also happen in Chrome? if so you might want to look to see if IE is excepting cookies. you can add roles to the session and then authorize those roles to home1 or home 2 from your controller, you should be authorizing users and roles to pages in your code not within your session. its hard to help any more without any code to look at.
Hope this gets you on the right track.
Here is my Gwt App, I have many pages: CustomerPage, OrderPage,... Each of these pages will have a header that have a Login Panel on top & its own content in the middle like this:
1- Customer Page
____________UserName...... Password....... Login
Customer Content here.....
2- Order Page
____________UserName...... Password....... Login
Order Content here.....
This means user can sign in in any page, they don't need to go to homepage to sign in.
Then here is my question, When user is in a certain page (ex: CustomerPage) & if they Log out then:
1- Should I refresh the whole page or redirect users to a Logout Page, so if they want to reopen the CustomerPage, then the page will have to go through all the Initializing processes (onBind-onReveal-onReset...)
2- Should I just let user stay where they are, and when user clicks logout button then system will reset variables. By doing that, then if user logs back in, the page will run faster cos it doesn't have to go through all the (onBind-onReveal-onReset...). However, if i do that then it quite difficult for me to reset all the variables. I have to remember which variables already initialed at the time the page got loggined & try to reset it to null or empty string. If i miss resetting just 1 variable then i will have trouble.
Some big site like Google or Facebook are using the solution 1, ie when user signs out it will redirect to new page or go back to homepage.
Also If adopting the solution 1, then i just need to call Window.Location.reload(); & it will reset everything. Even user clicks Back Arrow, they won't be able to see the old data since everything was reset.
So:
Is it Good Practice to redirect to a new Page or staying at the same page When user logged out (GWT)?
When users click on a Logout button, they expect that they can walk away from a computer. If you continue to show the same page, someone else might gain access to the data.
The universally accepted approach is to hide all data (i.e. redirect to the login/home page or close the app completely) when a user logs out. That's what users expect, and this is what you must do.
It depends what you've got loaded into the browser. Log in/out via a page refresh will be slower and present lag to your user. If you properly cleanup after yourself on logout (delete server side session, unbind presenters, clear caches) then it is really optional to refresh the page.
The universally accepted approach is to hide all data (i.e. redirect
to the login/home page or close the app completely) when a user logs
out. That's what users expect, and this is what you must do.
If your session management server side prevents any RPC's once you've logged out, and you no longer present/cache data, this is not an absolute necessity. Use digression based on your app needs, size, load time, and the sensitivity of the data it conveys.
I see where this method is being used, but I'm wondering who has an authoritative answer on the matter?
I know you said you know where, but I'm going to mention it here for completeness since you didn't... hope you don't mind! :)
The flag that isFirstPageAfterLogin() checks is set in the login() method that's called during the admin login process.
It is used in the following places:
Mage_Adminhtml_IndexController to store the value in the admin session so that it's still available on the first page load after the login form is submitted.
Mage_Adminhtml_Block_Notification_Window to determine whether or not to show the notices "window" that often shows after login.
A few actions on Mage_Adminhtml_Report_StatisticsController in order to redirect the user to the page they should be if their login routes them to one of the report refresh actions.
Mage_Core_Controller_Front_Action uses it to redirect a user back to the dashboard if their login routes them to an action that would send a download response, which frequently can rely on filter data that may or may not be available to the controller if it come from the login.
So to recap, it's a very important flag that is used to control some behind the scenes behavior. The most important being redirecting to the correct login page and allowing for one-time notices to show upon login.
This value is used in Mage_Adminhtml_IndexController, specifically the indexAction(), and redirects the admin user to the start up page defined in System > Configuration > Advanced > Admin > Startup Page.
I have a page which have different version, one is member, one is admin, and one is guest.
You may know what is the different, if the user, they have:
login button
register button
if the user is a member, they have:
logout button
edit button in they content
and the admin, will have:
logout button
banned button for all content
So, my question is, they are similar content, show I make 3 separate page? or one page to do all this stuff? Thank you.
I suggest you use one page and use ACL to define what every user can do. I heard ZEND_Acl is a good start.
Definition of ACL:
http://en.wikipedia.org/wiki/Access_control_list
CodeIgniter + Zend ACL:
http://www.lucdebrouwer.nl/adding-zend-acl-to-codeigniter/
http://www.revolves.net/2008/12/18/using-zend-acl-with-codeigniter/
One of my user complained that whenever he tried to add a new user (auth.User) using the default admin interface (Django's admin), the new username and password would get automatically filled with his own.
The problem is he asked Firefox to remember his username/password when he logs in. Is there any way I can prevent Firefox from trying to autofill when not on the login page? I don't really understand what critera Firefox looks at when trying to autofill. The URL is obviously not the same; does it rely only on the domain name and the names (or IDs) of the html fields?
Looking at the answer here, it appears as though you can add an attribute to your form
autocomplete="off"
This should prevent FireFox from autofilling the form in the admin. I'm pretty new to Django, but I imagine that you would need to copy & customize the specific template in the admin where you want this behavior in order to add this attribute.