aurelia-contrib / aurelia-open-id-connect

An aurelia adapter for the IdentityModel/oidc-client-js
https://zamboni-app.azurewebsites.net
MIT License

Best approach when all routes require an authenticated user #45

Open larserikfinholt opened 6 years ago

larserikfinholt commented 6 years ago

Hi! First, thanks for this plugin, it works great!

In our new app we only allow authenticated users. That is, we don't need a login button. If the user is not logged in, the app should immediately redirect to the STS (Identityserver).

What is the recommended way of doing this?

This is what we want to achieve:

Is there any built-in functionality in the plugin to help with this?

shaunluttin commented 6 years ago

I can put together a small demo for you later this week. Off the top of my head, I think it is as simple as adding the following to the attached method in app.ts.

// Keep this.user in sync with the plugin's current user.
this.openIdConnect.observeUser((user: User) => this.user = user);
// `user` only exists inside the callback above, so check the field instead.
if (!this.user) {
    this.openIdConnect.login();
}

See https://github.com/shaunluttin/aurelia-open-id-connect/blob/master/src/open-id-connect.ts for the plugin API. You might also want to try loginSilent() instead of or in addition to login().

larserikfinholt commented 6 years ago

Thanks, I did try something like you described, but it sometimes ended in a loop, but I didn't do much testing. If you would create a small demo, that would be really great!

shaunluttin commented 6 years ago

Apologies for not having responded. I have been away from the computer for a while.

shaunluttin commented 6 years ago

This appears to work in the app.ts code:

  public attached() {
    this.openIdConnect.observeUser((user: User) => this.onUserChanged(user));
  }

  private onUserChanged(user: User) {
    this.user = user;
    if (!this.user) {
      this.openIdConnect.login();
    }
  }

AndreSteenbergen commented 6 years ago

Hi all, I remember I posted a piece of code before as well, on an issue, including a check if the user is still logged in. I'll try to find it.

AndreSteenbergen commented 6 years ago

Maybe you can find your answer here: https://github.com/shaunluttin/aurelia-open-id-connect/issues/25

AndreSteenbergen commented 6 years ago

The login silent call is to check if the current user still has a valid session, because user details are placed in local storage.

arnederuwe commented 4 years ago

I'll see if I can get this baked in, we did something similar in a project of ours
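
An added example, not part of the thread or the plugin's own code: one way to combine the `loginSilent()` and `login()` calls discussed above so that a missing or expired user does not re-trigger a login while an attempt is already in flight or while the STS callback route is being processed. `AuthClient`, `LoginGuard`, `decide` and the callback path used with them are hypothetical names and assumptions; the promise return types are assumed as well.

```typescript
// Added example. AuthClient is a hypothetical stand-in for the plugin's service,
// reduced to the login() and loginSilent() calls named in the thread.
type User = { expired?: boolean } | null;
interface AuthClient {
  login(): Promise<unknown>;
  loginSilent(): Promise<unknown>;
}
type Action = "none" | "silent" | "redirect";

// Pure decision taken each time the observed user changes.
function decide(user: User, path: string, callbackPaths: string[],
                busy: boolean, silentFailed: boolean): Action {
  if (user && !user.expired) return "none";              // valid session, nothing to do
  if (busy) return "none";                               // an attempt is already in flight
  if (callbackPaths.indexOf(path) !== -1) return "none"; // STS response is being processed
  return silentFailed ? "redirect" : "silent";           // quiet renewal first, then redirect
}

class LoginGuard {
  private busy = false;
  private silentFailed = false;
  private client: AuthClient;
  private currentPath: () => string;
  private callbackPaths: string[];

  constructor(client: AuthClient, currentPath: () => string, callbackPaths: string[]) {
    this.client = client;
    this.currentPath = currentPath;
    this.callbackPaths = callbackPaths;
  }

  // Pass this to observeUser(); returns the action taken so it can be logged or tested.
  onUserChanged(user: User): Action {
    if (user && !user.expired) this.silentFailed = false;
    const action = decide(user, this.currentPath(), this.callbackPaths, this.busy, this.silentFailed);
    if (action === "none") return action;
    this.busy = true;
    if (action === "silent") {
      this.client.loginSilent()
        .then(() => { this.busy = false; })
        .catch(() => { this.busy = false; this.silentFailed = true; this.onUserChanged(null); });
    } else {
      // Full-page redirect: stay busy unless the call itself fails.
      this.client.login().catch(() => { this.busy = false; });
    }
    return action;
  }
}
```

In `attached()`, the guard would be wired as `observeUser(user => guard.onUserChanged(user))`, with the callback paths set to the routes your STS redirects back to.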