User Authentication Using Backbonejs and SLIM Framework

I am trying to develop an application using Backbonejs and SLIM framework. Now I would like to develop a user login / logout functionality. In this case, I would like to keep the SESSION on the server while the user navigates from one page to another. I used to work with another PHP base and core PHP and have successfully implemented user authentication. The SLIM framework works like an API. Actually my problem is, "How do I know the current SESSION is alive using an HTTP API request from Backbonejs?"

It looks messy to me. I have read several stackoverflow posts as below but have not been able to come up with a solution.

How do I authenticate with REST API? (Browser + Native clients)

If REST applications need to be inactive, how do you manage sessions?

How do I use PHP sessions with a REST client application?

I hope some of you implement user authentication using Backbonejs and SLIM Framework as API. If he / she shares his / her experience with some sample code it will be a BIG help to me.

Thanks

+3




2 answers


I'm not sure about the Slim API. But with RESTful web services there is no concept of session.

Instead, you can have an HTTP header token that contains your authentication token, and that token can be stored in a table (like the user's table). It is possible to check if the token will be valid every time a request hits the server. Uncheck the sign box.

Post authentication, from the success callback for the signed operation, you can fire a custom event that was associated with the loading of the success page.

EG:

Interact at the application level.



var controller = _.extend({}, Backbone.Events);
controller.on("myapp:dashboard",function() {
  //your dashboard data fetch logic.
  //create instance of the view and pass fetched data.
});

      

In the successful login handler (callback) make the following call:

// Delegates to the custom controller.
controller.trigger("myapp:dashboard");

// Changes the url to the correct location.
myAppRouter.navigate("tourl",{trigger:false});


Link: http://lostechies.com/derickbailey/2012/04/03/revisiting-the-backbone-event-aggregator-lessons-learned/

+2




I agree with Balaji, but he was not accurate. There is a REST session, but you have to keep it client-side. If you want to write anything in the session, you have to send it back with a response body so that the client can handle and store it. If you want to read anything from the session, you must send it with a request so that the server can process it.



So, if you want to do access control, you have to store the username and password in client memory and override backbone.sync() to send the headers every time. On the server side, before authorization, you must authenticate every request, possibly using a cache {username+password} -> {identity+permissions} via memcached. With SLIM you need to extract the headers; I don't think that will cause a problem. SLIM does not have built-in support for authentication and authorization as it is just an HTTP library, so you need another tool to implement this part.

0
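
The two answers above combined into one sketch, as an added example that is not part of either answer: a wrapper around a Backbone.sync-compatible function that sends the token on every request and treats a 401 as "the session is no longer alive". The `Authorization: Bearer` header format, all function names, and the fake API standing in for the Slim backend are assumptions made for illustration.

```javascript
// Wrap a Backbone.sync-compatible function so every request carries the
// token and a 401 from the API ends the client-side session.
function createAuthSync(baseSync, session) {
  return function authSync(method, model, options) {
    options = Object.assign({}, options);
    const token = session.getToken();
    if (token) {
      // Backbone.sync merges options into the ajax settings, so headers
      // set here reach the request. Header scheme is an assumption.
      options.headers = Object.assign({}, options.headers,
        { Authorization: 'Bearer ' + token });
    }
    const onError = options.error;
    options.error = function (xhr) {
      // 401 means the server rejected the token (unknown or expired).
      if (xhr && xhr.status === 401) session.clear();
      if (onError) onError.apply(this, arguments);
    };
    return baseSync(method, model, options);
  };
}

// In-memory token holder (hypothetical helper). Keeping the token out of
// localStorage assumes a fresh login after a page reload is acceptable.
function createSession(onExpired) {
  let token = null;
  return {
    setToken(t) { token = t; },
    getToken() { return token; },
    isAlive() { return token !== null; },
    clear() { token = null; if (onExpired) onExpired(); },
  };
}

// Constructed stand-in for Backbone.sync plus the server: looks the token
// up in a table (a Map here) and answers 401 when it is missing, unknown
// or past its expiry time.
function createFakeApi(tokenTable, now) {
  return function fakeSync(method, model, options) {
    const header = (options.headers || {}).Authorization || '';
    const row = tokenTable.get(header.replace(/^Bearer /, ''));
    if (!row || row.expiresAt <= now()) {
      if (options.error) options.error({ status: 401 });
      return;
    }
    if (options.success) options.success({ user: row.user });
  };
}
```

In a real page the wiring would be `Backbone.sync = createAuthSync(Backbone.sync, session);`, with the `onExpired` callback navigating to the login route.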

