Maxim, 2013-12-01 08:53:32

Authorization through vk.api and access control to certain pages of the site?

Good afternoon. Since I'm not familiar with server technologies, I don't know where to dig yet.
Situation: the site has authorization through Vkontakte. After the user is authorized - some kind of cookie is set? Or what else? (VK authorization works through Open Auth)
I need to somehow identify the user (I can easily get his vk id) and give him the right to view certain pages. Another user may have a different set of pages.
I'm using node.js + express
What is the process for such access control? Should I write something to the mongo database? Do a "session"? As you can see, my question is a complete beginner's one, and I can't formulate it specifically, because I don't know what the process of user authorization and authentication looks like. Can you recommend something short to read?
Thank you.

2 answer(s)
Kilai, 2013-12-12
@maxfarseer

To work with OAuth at the moment, it is most convenient to use the passport.js module. As for access control: instead of the short form

app.get('/route', function(req, res) {
  // ...
});

can be used
app.get('/route', [loadUser1, loadUser2, ..., loadUserN], function(req, res) {
  // ...
});

where loadUser1, loadUser2, ..., loadUserN are functions that receive 3 parameters (req, res, next). next() calls the next function in the list. Using req, you can read or add session data or, if passport.js is configured, access the passport object, which contains all the information from VK. redirect('/'); will redirect unwanted users to the appropriate page.
function loadUser(req, res, next) {
  if (req.session.user_id) {
    next();
  }
  else {
    res.redirect('/sessions/new');
  }
}

Arthur Koch, 2013-12-01
@dudeonthehorse

VK.Auth.getLoginStatus(function(response) {
  if (response.session) {
    /* Check the session data from VKontakte against this user's permissions in the database. If there is no record for this user, create one. */
  } else {
    /* Get lost */
  }
});

That is, when a VKontakte user first enters the system, he must be assigned the appropriate rights. And on subsequent visits they should be checked.
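
An added example (not code from either answer) that combines the middleware chain from the first answer with the "assign rights on first visit, check them afterwards" idea from the second, with the check done on the server from the session rather than in the browser. Assumptions: an in-memory Map stands in for the MongoDB collection, `req.session.user_id` is set by the server after the VK login completes, and `ensureUser`, `requirePage`, `run`, the page keys and the VK ids are hypothetical names and constructed values.

```javascript
// Rights store: VK id -> set of page keys (stand-in for a MongoDB collection).
const acl = new Map();

// First login creates a record with default rights; later logins reuse it.
function ensureUser(vkId, defaults = ['home']) {
  const id = String(vkId);
  if (!acl.has(id)) acl.set(id, new Set(defaults));
  return acl.get(id);
}

// Step 1 of the chain: require an authenticated session.
function loadUser(req, res, next) {
  if (req.session && req.session.user_id) return next();
  res.redirect('/sessions/new');
}

// Step 2: require a right for this page, looked up server-side by session id.
function requirePage(page) {
  return function (req, res, next) {
    const rights = acl.get(String(req.session.user_id));
    if (rights && rights.has(page)) return next();
    res.status(403).send('Forbidden'); // deny by default, unknown users included
  };
}

// Constructed test rig: runs a middleware chain without an HTTP server.
function run(chain, session) {
  const out = { status: 200, redirect: null, reached: false };
  const req = { session };
  const res = {
    redirect(url) { out.status = 302; out.redirect = url; },
    status(code) { out.status = code; return this; },
    send() {},
  };
  let i = 0;
  const next = () => {
    if (i < chain.length) chain[i++](req, res, next);
    else out.reached = true; // the route handler would run here
  };
  next();
  return out;
}

// With Express: app.get('/reports', loadUser, requirePage('reports'), handler);
ensureUser(1001, ['home', 'reports']); // constructed VK ids
ensureUser(1002);                      // default rights only
```
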
