Making requests to the restaurants API (or making them to the authentication API in the future) have cross-domain issues.
But that is not going to happen, as we said yesterday the Web Content and the "API Services" will be on the same server.
best
De: <fiware-developer-experience-bounces at lists.fiware.org<mailto:fiware-developer-experience-bounces at lists.fiware.org>> on behalf of Pablo Fernández Moniz <pablofernandezmoniz at gmail.com<mailto:pablofernandezmoniz at gmail.com>>
Fecha: miércoles, 22 de julio de 2015, 11:20
Para: "fiware-developer-experience at lists.fiware.org<mailto:fiware-developer-experience at lists.fiware.org>" <fiware-developer-experience at lists.fiware.org<mailto:fiware-developer-experience at lists.fiware.org>>
Asunto: [Fiware-developer-experience] Client side
Hi all,
We just upload the light client in GitHub:
In the current state, we had removed all the code from the server side, therefore we dont have real authentication process.
Authentication must be implemented from the client side when its API is ready.
On the other hand, we have converted the Jinja2 templates to static html files.
Making requests to the restaurants API (or making them to the authentication API in the future) have cross-domain issues. We suggest some solutions:
* Add the header 'Access-Control-Allow-Origin: *' to the API responses.
* Use a proxy.
* Have the web and the API in the same domain.
For now, we provided a PHP proxy. The proxy url (which should be in the same domain that the web application) must be set in the variable proxy at the top of the restaurants_api.js file.
Following we explain how was the code before we removed our server side part.
We used the bitergia IdM docker adding to the composer file using this instructions:
authzforce:
image: bitergia/authzforce:4.2.0
expose:
- "8080"
idm:
image: bitergia/idm-keyrock:4.3.0
links:
- authzforce
volumes:
- /config
expose:
- "5000"
We developed a little Flask application as server. This application had a method to authenticate users using the IdM. User info, as could be the token, the identificator and roles, was saved in session variables.
Using these session variables the application decided which pages should be shown.
At render time, we were using Jinja2 templates which allowed us to display differents sections based on values of the variables.
The Flask application also implemented a proxy that allowed us to make AJAX petititions to the restaurants API.
KR,
ULPGC Team
________________________________
Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.
The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.
Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-developer-experience/attachments/20150722/524bb486/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy