Dojo Web Application Authentication

I am trying to develop a clean javascript web application using Dojo. The problem I am facing is limiting access to parts of the application. Authenticated users should have access to everyone, while unauthenticated users should only have access to the login screen.

The problem is that nothing (that I know) will allow the user to open a javascript terminal browser and enter something like: app.displayRestrictedContent(); and thus gain access to a screen intended for authenticated users.

I have implemented ajax based input; all ajax calls are secured by the session. Therefore, as long as an unauthenticated user can load a restricted screen, they will not be able to retrieve data for him. But still, access to this screen seems to be incorrect.

Am I trying to do the impossible? It seems silly to write code, for example if (user.auth) app.displayRestrictedContent();, when it is so easy to get around. And it makes me believe that I am missing something obvious enough for everyone else. I cannot find much information about clean javascript-based applications and authentication models.

+5
3 answers

, , . , - ( , ) - , , Javascript.

, , , - . Javascript , , .

-: Javascript. Dojo build shrinksafe, , , . , , - , . , !

, , - " ". , -

dependencies = {
    // ..
    layers: [
        { name: "../myApp/Core.js", resourceName: "myApp.Core",
          dependencies: ["myApp.Core", "myApp.Foobar"]
        },
        { name: "../myApp/modules/Login.js", resourceName: "myApp.modules.Login",
          dependencies: ["myApp.modules.Login", "myApp.modules.LoginUi" /* ... */],
          layerDependencies: ["../myApp/Core.js"]
        },
        { name: "../myApp/modules/Secret.js", resourceName: "myApp.modules.Secret",
          dependencies: ["myApp.modules.Secret", "myApp.modules.SecretUi"],
          layerDependencies: ["../myApp/Core.js"],
          authentication: 42
        }
    ]
}

, JS , , , JS , .

. JS , JS , , , . , , , . , .

, . .

+1
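One way to enforce the restriction on the server instead of in the browser, as an added example that is not part of the thread: the server decides per request whether a build layer or a data call is served, and never consults a client-side flag such as user.auth. Assumptions: the profile's `authentication` property is read as "requires a logged-in session", and the `sid` cookie name, the `/api/` prefix and the in-memory session store are hypothetical.

```javascript
// Added example: server-side gate for the build layers and the ajax endpoints.
// Layer table constructed from the build profile above. Reading the profile's
// `authentication` property as "session required" is an assumption.
// A Map (not a plain object) keeps keys like "__proto__" from matching.
const LAYERS = new Map([
  ["/myApp/Core.js",           { authentication: false }],
  ["/myApp/modules/Login.js",  { authentication: false }],
  ["/myApp/modules/Secret.js", { authentication: true }],
]);

// Constructed in-memory session store: session id -> user record.
const SESSIONS = new Map([["s3ss10n-alice", { user: "alice" }]]);

// Resolve the session from a Cookie header ("sid" is a hypothetical name).
// Unknown or forged ids resolve to null, exactly like a missing cookie.
function sessionFromCookie(cookieHeader) {
  for (const part of (cookieHeader || "").split(";")) {
    const [name, ...rest] = part.trim().split("=");
    if (name === "sid") return SESSIONS.get(rest.join("=")) || null;
  }
  return null;
}

// Return the HTTP status the server should answer with.
function decide(path, cookieHeader) {
  const session = sessionFromCookie(cookieHeader);

  // Data calls: always bound to the session, as in the question.
  if (path.startsWith("/api/")) return session ? 200 : 401;

  // Script layers: exact-match allowlist, so "../" tricks and unknown
  // paths are denied by default instead of falling through to the disk.
  const layer = LAYERS.get(path);
  if (!layer) return 404;

  // The restricted UI code is only sent to a browser that holds a session.
  if (layer.authentication && !session) return 401;
  return 200;
}
```

Calling app.displayRestrictedContent() from the console then fails for an unauthenticated user, because the Secret layer that defines the screen was never delivered and the data calls behind it return 401.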
But still, it seems wrong for this screen to be arbitrarily accessible.

. , js js, , .

Am I trying to do the impossible?

js . . , js , , . , .

+2
+1