NG user session

Forum to discuss the new web client version of Servoy.

NG user session

Postby vlad_chiru » Sat Aug 20, 2022 5:01 pm

Hi,

I'm creating an API based NG application, and i need to be able to create a session for the authenticated user.
The authentication is done via API call, and i don't have any users in the database that is linked to the NG application.
I cannot find any way of using the browser session. Please tell me what is the best approac for this.
I need to keep the user logged in even if the user closes the browser and then opens it again.
It's a 2 factor autentication through API and each login costs money to my customer, so he wants to keep the users logged in for 24 hours (if the user doens't click the logout button)

Thank you!
vlad_chiru
 
Posts: 3
Joined: Mon Jul 01, 2013 11:47 am

Re: NG user session

Postby mboegem » Sun Aug 21, 2022 5:52 pm

Store session token via JWT in local storage of the browser.
At the same time you can store that token in the database.
Both JWT and token in database can have expiry date.

When a user wants to access the solution: check the JWT. If valid you can check if the token exists as record token in DB.
If all is valid: proceed, otherwise reject and let them login using 2FA.

You can also implement Google Authenticator method as 2FA, as that doesn't need an external service it is free of charge.
Marc Boegem
Solutiative / JBS Group, Partner
• Servoy Certified Developer
• Servoy Valued Professional
• Freelance Developer

Image

Partner of Tower - The most powerful Git client for Mac and Windows
User avatar
mboegem
 
Posts: 1742
Joined: Sun Oct 14, 2007 1:34 pm
Location: Amsterdam


Return to Servoy NGClient

Who is online

Users browsing this forum: No registered users and 3 guests

cron