PDA

View Full Version : Stopping access to pages when not logged in, avoiding using server technology ?



iangregson
14 Apr 2014, 7:26 AM
Hi there,

I have seen a number of examples implementing security, i.e. stopping access to web pages when the person isn't logged in. All these examples seem to use some sort of server side technology, for example, .NET using web forms security. It takes charge of redirecting the user to the login page if not logged in.

Does anyone know of a good up-to-date sample that uses pure javascript to implement this?

I know using pure javascript can easily be bypassed. But I wanted to use a PURE javascript UI (Ext JS) rather than depending on any server technology. My server rest points will be protected by a token.

Also from what I have seen the login pages seem to be implemented on their own html page, once logged in the user is redirected to the main html page where all the Ext JS magic happens.

Considering this is a SPA, can we not implement the login page as part of of the main html file.

Any ideas?

Thanks

iangregson
14 Apr 2014, 7:45 AM
With regards to loading the login form and my main app as part of the same page, it seems I can use a viewport with a card layout... 1 card would have the Login Page and the other card would have the rest of the app.

is this a recommended solution ?

iangregson
14 Apr 2014, 7:53 AM
Or would a better option be using a viewport and adding and removing components at runtime?