How can I force a refresh if the person navigates here while logged in. Also, I currently have my data fetching done in getInitialProps but only when req exists (server side). What should I do to make sure if a navigation happens back to this page that it always re-renders server side?
It is not possible to make getInitialProps run only on server side.
From the docs
For the initial page load, getInitialProps will execute on the server only.
getInitialProps will only be executed on the client when navigating to a
different route via the Link component or using the routing APIs.
You can use isomorphic fetch that exists both on server side and client side so you won't care on what side your data gets fetched. Example with using fetch can be found on docs as well
Hope this helps!
Related
tl;dr: move authentication from useAuth hook to the server side with laravel breeze with next.js?!
The situation
I am using a project setup like the original laravel breeze repo.
It ships with the useAuth hook, which handles the authentication on the client side.
This setup is barely satisfying as it does not utilize the server side rendering for all components that need authenticated content.
The Question
How could I provide a way to authenticate the user on the server side to gather all the information possible and render more on the server?
I don't need to get rid of useAuth at all.
My Attempt
I tried to move the hook getServerSideProps but that is not allowed. My knowledge of the useSWR used inside the useAuth is slightly thin.
I want user will not redirect to login page on closing website or browser once user is loggedIn.for this i use localStorage. it is working successfully but, it works after page rendering in nextjs. so, it give me error for 5 seconds. i want to access localStorage before page rendering in nextjs.[![First image shown when website is launch
Local Storage is only available in the browser. It will not be available on the server (or while the page is doing any kind of server-side operation).
https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage
You should use a cookie to store this information if it needs to be accessible by both the server AND client.
We have an angular application with node as the back end. We have an authenticate server where session management is done. There is a http interceptor that we are using in order to check whether a session is live in order to execute the http request. If the session has expired we navigate to Login page. And this works for most of the pages as we have some or the other http request in ngOnInit and hence they work fine. But I want to know how to intercept when there are no http requests on load. How do I encounter this? Should I use canActivate? Any suggestions would be helpful.
Thanks
Yes, you can use the canActivate hook of the Angular Router for doing this. You don't want to repeat the login check code in every component, canActivate can by reused in other parts of the application in the router config declaration. You can also check if the user has permissions to see this page.
What you can also do is to make the request and wait for the response, if the response is 403 the HTTP Interceptor routes back to the Login page.
If you don't want to check every time, you can use local storage to save the start session date and check if that is expired.
I have a system which uses Jquery AJAX calls to an .ASMX web service for INTERNAL and STATELESS use.
For example, after pressing a button, a Jquery call is launched to insert a new user).
Now, the problem is, that the Jquery AJAX call is dynamically inserted by the user. The user can decide what code of Javascript to put, so he may call a AddUser() function in the web service, or do something else. Then, that piece of code is inserted dynamically and the button will add all the Javascript that the user wrote into the HTML content.
In the case the user decides to call the Jquery and specifically adds a code to call the AddUser() function in the WS, how can I do it securely? How can I assure that this AJAX request is coming from the same domain?
I understand that every HTTP Request header can be manipulated, so how can I assure that the AJAX call is coming from the same site?
I remind you, the purpose of that web service is for internal uses of the system - so I don't want that an external user will read the JS code and copy it an add users as much as he wants!
I don't want to use tokens or identification. It is a stateless request and I just want to add a user but to have control of who is making the call.
I will be happy to get any suggestion. Thank you in advance!
In my opinion you can't. You either add some kind of authentication (if you have one on the site you may use the same authentication) or render a token on the page which is sent with the AJAX request. Of course in both cases you add some form of state but in my opinion the requirement to originate the request from the same site is a requirement to track state.
I have a cross-site ajax login request coming from a chrome extension to a Meteor app. I am handling this on the Meteor side using Iron-Router and the where:'server' setting. The request comes in fine, but now that I have the request, I want to login the user. How do I do that from the server?
I tried getting around it in a hacky way by redirecting from the server to another router using Router.go('otherRoute', {email:requestEmail, password:requestPassword}) in the action callback but that didn't work because the go method wasn't found. Either way, that seems like a poor solution to this problem.
Roughly speaking, what you will need is more or less a DDP client present on your custom (non Meteor?) website. The features you require are implemented in meteor's livedata package. There's also a node package node-ddp-clinet (server side), which you could probably use as a starting point in implementing your own client.
Once you have a working DDP client, logging in is a matter of calling login method on the server (through DDP of course). Look
here for more details.