Sample code to login and logout with accounts.topcoder.com #1

Open
wants to merge 19 commits into
base: master

@ykohata ykohata commented Mar 15, 2016

Sample code to login and logout with accounts.topcoder.com

Basic flows are described at:

https://appirio.atlassian.net/wiki/display/CORE/accounts.topcoder.com

Demo movies

login/logout
http://screencast.com/t/f9YweRIO4Q
login after reset password
http://screencast.com/t/I6wFb14v01

Login & Logout

Login

home.controller.coffee

# Redirect to accounts.topcoder.com to log in, specifying the callback URL in the 'retUrl' parameter.
# e.g. https://accounts.topcoder-dev.com/login?retUrl=https%3A%2F%2Fsample.topcoder-dev.com%2F
vm.login = ->
  accountsUrl = constants.ACCOUNTS_LOGIN_URL + '?retUrl=' + encodeURIComponent(constants.LOGIN_RETURN_URL)
  $log.info 'redirect to ' + accountsUrl
  $window.location = accountsUrl

Logout

home.controller.coffee

# Redirect to accounts.topcoder.com to log out from the system,
# specifying the callback URL in the 'retUrl' parameter.
# e.g. https://accounts.topcoder-dev.com/logout?retUrl=https%3A%2F%2Fsample.topcoder-dev.com%2F
vm.logout = ->
  accountsUrl = constants.ACCOUNTS_LOGOUT_URL + '?retUrl=' + encodeURIComponent(constants.LOGOUT_RETURN_URL)
  $log.info 'redirect to ' + accountsUrl
  $window.location = accountsUrl

Logout URL

To log out from the whole system, each application should provide its own logout URL, which the accounts site opens in an iframe on the logout page.
Sample: https://sample.topcoder-dev.com/logout.html (This has been manually deployed in S3)
logout.html

<!DOCTYPE html>
<html>
  .....
  <body>
    Logging out..
    <script type="text/javascript">
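      // Clear the tokens kept in this origin's localStorage.
      if (window.localStorage) {
        localStorage.removeItem('auth0Jwt');
        localStorage.removeItem('userJWTToken');
        localStorage.removeItem('userRefreshJWTToken');
      }
      // Clear the SSO cookies whether or not localStorage is available.
      deleteCookie('tcjwt');
      deleteCookie('tcsso');

      // Expire a cookie that was set on the parent domain (e.g. ".topcoder-dev.com").
      function deleteCookie(cookie) {
        var domain = location.hostname.substring(location.hostname.indexOf('.'));
        document.cookie = cookie + "=; path=/; domain=" + domain + "; expires=" + new Date(0).toUTCString() + ";";
      }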
    </script>
  </body>
</html>

Callback

home.controller.coffee

# handle callback
# https://sample.topcoder-dev.com/?jwt=.....
# - jwt  : v3 jwt
init = ->
  if $stateParams.jwt
    TokenService.setAppirioJWT $stateParams.jwt
    if AuthService.isLoggedIn()  
      vm.username = TokenService.decodeToken().handle

2016.03.29
The tcjwt and tcsso can be received via Cookie directly if the application and Accounts site are in the same domain.

Reset Password

Login after resetting password

reset.controller.coffee

# "reset" button
vm.submit = ->
  vm.error = false
  AuthService.resetPassword(vm.handle, vm.token, vm.password).then(success).catch(failure)

# callback on success
# Redirect to accounts.topcoder.com to log in, specifying the handle, password and callback URL (retUrl).
# e.g. https://accounts.topcoder-dev.com/login?handle=jdoe&password=******&retUrl=https%3A%2F%2Fsample.topcoder-dev.com%2F
success = ->
  accountsUrl = constants.ACCOUNTS_LOGIN_URL + '?handle=' + encodeURIComponent(vm.handle) + '&password=' + encodeURIComponent(vm.password) + '&retUrl=' + encodeURIComponent(constants.LOGIN_RETURN_URL)
  $log.info 'redirect to ' + accountsUrl
  $window.location = accountsUrl
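
In the flows above, the callback URL carries `jwt`, and the post-reset redirect carries `password` in a URL that is also written to `$log.info`. The following is an added example, not part of the pull request: it masks those parameters before a URL is logged and strips the token from the callback URL once it has been read. The function names and the `exp` check are assumptions; the parameter names and the `handle` claim come from the code above.

```javascript
// Added example, not code from the pull request. Function names are hypothetical.
const SENSITIVE_PARAMS = ['jwt', 'tcjwt', 'tcsso', 'password'];
// Mask sensitive query values so the URL can be passed to a logger.
function redactUrl(urlString) {
  const url = new URL(urlString);
  for (const name of SENSITIVE_PARAMS) {
    if (url.searchParams.has(name)) url.searchParams.set(name, 'REDACTED');
  }
  return url.toString();
}

// Decode a JWT payload. No signature check happens here, so the claims are
// display hints only, never the basis for an authorization decision.
function decodeClaims(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4)));
}

// Process a callback URL such as https://sample.topcoder-dev.com/?jwt=...
// The token is returned only if it parses and is unexpired (assumes an 'exp'
// claim); cleanUrl has the token stripped, for use with history.replaceState.
function handleCallback(urlString, nowSeconds) {
  const url = new URL(urlString);
  const token = url.searchParams.get('jwt');
  url.searchParams.delete('jwt');
  const result = { token: null, handle: null, cleanUrl: url.toString() };
  if (!token) return result;
  try {
    const claims = decodeClaims(token);
    if (typeof claims.exp === 'number' && claims.exp > nowSeconds) {
      result.token = token;
      result.handle = claims.handle;
    }
  } catch (e) {
    // Malformed token: result.token stays null and the caller stays logged out.
  }
  return result;
}

// Constructed sample token: made-up claims and a placeholder signature.
function sampleToken(claims) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'HS256', typ: 'JWT' }) + '.' + enc(claims) + '.sig';
}

const demo = handleCallback('https://sample.topcoder-dev.com/?jwt=' + sampleToken({ handle: 'jdoe', exp: 2000 }), 1000);
console.log(demo.handle, demo.cleanUrl, redactUrl('https://accounts.topcoder-dev.com/login?handle=jdoe&password=example'));
```

In the controllers this corresponds to logging `redactUrl(accountsUrl)` instead of `accountsUrl`, and replacing the address-bar URL with `cleanUrl` after the token has been stored.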

ykohata commented Mar 29, 2016

@aselbie @sudoster
The callback section of the description has been updated.
tcjwt and tcsso are stored in a cookie after authentication with the Accounts site if the applications (member and connect) are in the same domain.

home.controller.coffee

# handle callback
# https://sample.topcoder-dev.com/?jwt=.....
# - jwt  : v3 jwt
init = ->
  if $stateParams.jwt
    TokenService.setAppirioJWT $stateParams.jwt
    if AuthService.isLoggedIn()  
      vm.username = TokenService.decodeToken().handle
  ### NOT NEEDED
  if $stateParams.tcjwt
    $cookies.put 'tcjwt', $stateParams.tcjwt, constants.COOKIE_SPEC.create()
  if $stateParams.tcsso
    $cookies.put 'tcsso', $stateParams.tcsso, constants.COOKIE_SPEC.create()
  ###

aselbie commented Mar 29, 2016

@ykohata I have a question about the logout logic. If we use the module that I am adding to as described on Confluence, we will be able to avoid using the localStorage for our individual subdomains entirely. I think this will simplify the logout process significantly. Do you see any issues with this process?

ykohata commented Mar 30, 2016

@aselbie
Thank you for sharing the doc. I added a comment.
