biocodellc / biocode-fims-commons

Biocode Field Information Management System

Check Project a User Belongs To on login #18

Closed jdeck88 closed 8 years ago

jdeck88 commented 8 years ago

Some sub-tasks to this issue.

  1. In the project table, create a field called projectUrl which contains the hostname + {appRoot} (from main JS file) (e.g. biscicol.org/dipnet would be the value for DIPNET) -- make this field NOT NULL.
  2. Send the hostname + {appRoot} along with logins as the referrer.
  3. On login, add a check that the user who is logging in is part of the project from which they are logging in. Use the referrer from the Login Service (we construct the referer as in steps 2 and 3 above). E.g. an ARMS user cannot log in if they are coming from biscicol.org.

rodney757 commented 8 years ago

Okay, so we can't explicitly set the "referer" header. However, we can add custom headers. We could add a header called "projectUrl".

My only concern is that this makes it a bit more difficult for users such as AmphibiaWeb who use the REST services. This requires them to send along a header when calling the login service.

jdeck88 commented 8 years ago

Any other ways to do this?

On Thu, May 12, 2016 at 3:43 PM, RJ Ewing notifications@github.com wrote:

> okay, so we can't explicitly set the "referer" header. However we can add custom headers. We could add a header called "projectUrl".
>
> My only concern is that this makes it a bit more difficult for users such as AmphibiaWeb who use the rest services. This requires them to send along a header when calling the login service


rodney757 commented 8 years ago

implemented in commits 9c6322926e80ea0973206cfc1e0a027991c432aa and baee562cddb5bd025992c5d5a372c9c141ed3359
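
A sketch of the check discussed in this thread, added here as an illustration and not taken from biocode-fims-commons or the commits above: a project table with a NOT NULL projectUrl, and a login-time membership check keyed on a custom projectUrl header. Table and column names other than projectUrl, the usernames, and the ARMS URL are constructed assumptions; the function is meant to run after credentials have been verified.

```python
import sqlite3

# Constructed schema and rows. Only the projectUrl field and the DIPNET value
# come from the thread; every other name and value is an assumption.
SCHEMA = """
CREATE TABLE projects (projectId INTEGER PRIMARY KEY, projectCode TEXT NOT NULL,
                       projectUrl TEXT NOT NULL UNIQUE);
CREATE TABLE userProjects (username TEXT NOT NULL,
                           projectId INTEGER NOT NULL REFERENCES projects(projectId));
INSERT INTO projects VALUES (1, 'DIPNET', 'biscicol.org/dipnet'),
                            (2, 'ARMS', 'arms.example/arms');
INSERT INTO userProjects VALUES ('dipnet_user', 1), ('arms_user', 2);
"""

def make_db():
    """Build the constructed in-memory database used by this example."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def normalize_project_url(value):
    """Reduce a client-supplied projectUrl to the stored hostname + appRoot form."""
    if not value:
        return None
    value = value.strip().lower()
    for scheme in ("https://", "http://"):
        if value.startswith(scheme):
            value = value[len(scheme):]
    return value.rstrip("/") or None

def may_login(db, username, headers):
    """True only if the user belongs to the project named by the projectUrl header.

    The header is set by the client, so it scopes a login to a project but is
    not evidence of where the request actually came from.
    """
    # HTTP header names are case-insensitive.
    supplied = {k.lower(): v for k, v in headers.items()}.get("projecturl")
    project_url = normalize_project_url(supplied)
    if project_url is None:
        return False  # fail closed: REST clients must send the header as well
    row = db.execute(
        "SELECT 1 FROM projects p JOIN userProjects up ON up.projectId = p.projectId "
        "WHERE p.projectUrl = ? AND up.username = ?",
        (project_url, username),
    ).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    print(may_login(db, "dipnet_user", {"projectUrl": "biscicol.org/dipnet"}))
    print(may_login(db, "arms_user", {"projectUrl": "biscicol.org/dipnet"}))
```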