Skip to content
This repository has been archived by the owner on Jan 7, 2019. It is now read-only.

User Authentication (external)

Jump to bottom
ptejada edited this page Dec 9, 2012 · 6 revisions

It is important that nor the APE_Server or the APS framework handle user authentication. However the APS framework does provides you with methods that can be used to authenticate users using another source. For example there are currently two ways on doing this, using the connect event, using event push or both.

Using the connect event

The connect event is triggered right before the client connects to the APE Server. You can use this event to perform an ajax request to the source that would validate the user's authenticity. Since you will be making an ajax request you must initially return false so the process of connecting to the APE Server is halted. To resume the connecting process you would call client.connect(). In this case you would conditionally call client.connect() form inside the ajax request callback function.

To illustrate the idea in code i'll be using jQuery to perform the ajax request in the code below:

	//Create new client object
	var client = new APS("localhost:6969");
	
	//Adds the `connect` event to the client
	client.on("connect", function(){

		//Check if the user's name is known
		if(!!client.user.name){

			//Ajax call to get the user info
			$.getJSON("script_to_get_user_info.php", function(data){

				//Check if the user is signed and its information is provided
				if(data.signed && data.user){

					//import the user information to the client.user object
					client.user = data.user;
					
					//Resumes the connecting proccess
					client.connect();
				}else{
					//User is not signed
					alert("SORRY NO REALTIME FOR YOU!");
				}
			});
			
			//Holds the connecting process
			return false;
		}
		
		//We have a name, continue connecting to the APE server
		return true;
	})
	
	//Subscribes to the channel `chat`
	client.sub("chat");

NOTE: the client.connect() will re-trigger the connect events so if your ajax callback function does not sets a value to client.user.name you might create a infinity loop in this specific example.

The code above is just an example and may have its vulnerability, you can further secure this method according with your setup and application.

Using eventPush

Clone this wiki locally