Jump to content

Multiple uniGUI applications - only one login


wjjw

Recommended Posts

Hello,

I have multiple uniGUI applications running on HyperServers.
When you access first time/session on one app - e.g. app01 you need to login.
There are links on app01 to the other apps using same DB (app02 and app03).
If I click on this links while an existing valid session I don't want to login again.
All user credentials are the same for all applications (app01-app03).

What is the best and secure way/technique to do this? Cookies, parameters, ...?

Best regards,
    /Werner

Link to comment
Share on other sites

14 hours ago, wjjw said:

Hello,

I have multiple uniGUI applications running on HyperServers.
When you access first time/session on one app - e.g. app01 you need to login.
There are links on app01 to the other apps using same DB (app02 and app03).
If I click on this links while an existing valid session I don't want to login again.
All user credentials are the same for all applications (app01-app03).

What is the best and secure way/technique to do this? Cookies, parameters, ...?

Best regards,
    /Werner

I think the best way is cookies. 

https://medium.com/swlh/secure-httponly-samesite-http-cookies-attributes-and-set-cookie-explained-fc3c753dfeb6

Link to comment
Share on other sites

11 hours ago, andyhill said:

Sometimes cookies can be blocked, I use Encrypted Local Storage 🙂

Hi Andy!

Sounds like a good solution.

So if I understand it correctly - did you do it like this?:

  1. When you open the application(s) you check if the file exists
  2. If yes, check the correct values and the time stamp
  3. if OK, skip the login page
  4. if NOT OK, redirect to the login page and create the encrypted local storage file.

Is this supported with all browsers?
Is also my time stamp method correct?
Do you have an example of your solution which you could share with me?

Thanks a lot for your input.

/Werner

Link to comment
Share on other sites

Werner, you can achieve what you want from many different ways. MainModule has a BeforeLogin Event, LoginForm has a BeforeShow Event etc.

Here is the Local Storage code (off memory) where the data is stored as key A0 (edtUserName is a TUniEdit):-

Fetch key A0 data into edtUserName.Text
edtUserName.JSInterface.JSCall('setValue', [jsstatement('localStorage.getItem("A0")')]); // Must Use Double Quotes

Save custom text using edtUserName's interface
edtUserName.JSInterface.JSCallGlobal('localStorage.setItem', ['A0', 'custom text'] );

Hope this helps

  • Thanks 1
Link to comment
Share on other sites

19 hours ago, andyhill said:

Werner, you can achieve what you want from many different ways. MainModule has a BeforeLogin Event, LoginForm has a BeforeShow Event etc.

Here is the Local Storage code (off memory) where the data is stored as key A0 (edtUserName is a TUniEdit):-

Fetch key A0 data into edtUserName.Text
edtUserName.JSInterface.JSCall('setValue', [jsstatement('localStorage.getItem("A0")')]); // Must Use Double Quotes

Save custom text using edtUserName's interface
edtUserName.JSInterface.JSCallGlobal('localStorage.setItem', ['A0', 'custom text'] );

Hope this helps

andyhill, thank you for your response, but I don't know, how to use localStorage in MainModule using  BeforeLogin Event, because Mainmodule has not visual elements so I cant' use "edtUserName" (TuniEdit) to load a value from localStorage. Maybe there is a way to do it but I don't know...

Link to comment
Share on other sites

On 11/13/2021 at 4:52 PM, Pep said:

andyhill, thank you for your response, but I don't know, how to use localStorage in MainModule using  BeforeLogin Event, because Mainmodule has not visual elements so I cant' use "edtUserName" (TuniEdit) to load a value from localStorage. Maybe there is a way to do it but I don't know...

Hello,

http://forums.unigui.com/index.php?/topic/12306-how-can-i-access-local-storage/&do=findComment&comment=65734

 

1. Let's say you have an elementary application (app0) with just a mainform and loginform. This mainform contains 2 labels : app1 and app2.

2. Store a local storage key (login) on the first time when a user open a session on this welcome mainform (app0).

3. When the same user click on app1, retreive this key on loginform.beforeShow event (app1).

If the key is OK then app1.loginform.modalReslt:=MrOK

4. Keep in mind to destroy this key on all sessionOut (app0, app1, app2).

_______________

NB : This work without parameters on URL

lblapp1 : www.localhost:8077

lblapp2 : www.localhost:8078

Obeviously, for security, each app1 and app2 has its loginform.

 

For more training you can see how to bypass loginform here (old sample)

http://forums.unigui.com/index.php?/topic/9564-soautoplatformswitch-demo/&do=findComment&comment=74590

 

  • Thanks 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...