• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Problem in login system while using Ajax

#1
[eluser]FutureKing[/eluser]
I am creating a website with user management system. The control panel for users has Ajax interface.
I have created a membership class "mem_mdl"
On every constructor of my controller I use its methods like this:

$this->mem_mdl->is_login();
$this->mem_mdl->load_auth(); // this loads authorization data
$this->mem_mdl->is_auth('wall_man'); //where 'wall_man' is module name // this function checks whether a user is authorized to use 'wall_man' module.

What the above function does:
It checks the login status and authorization of user and if fails then redirects the user to appropriate page(Login page,Unauthorised page or the user requested page).

My system uses ajax interface. Now the problem is if the user has been logged out from some other tabs/window of browser and the Ajax interface is remained open on some other tab/window then...
While processing ajax request instead of redirection. I get something like this:

NORMAL:
http://img384.imageshack.us/i/normalp.jpg/
PROBLEM:
http://img297.imageshack.us/i/problemjs.jpg/

Please see the above screenshots. I hope you understood my problem.
I use codeigniter redirect() for redirection and for ajax I am using jQuery.

#2
[eluser]InsiteFX[/eluser]
I would create a MY_Controller in the application/library folder then extend all your controllers for the MY_Controller.

You may also need to close your Ajax interface before redirecting.

Enjoy
InsiteFX

#3
[eluser]Colin Williams[/eluser]
Make sure your session and cookie settings are solid. It looks like the session is expiring/invalidating between the requests.

And InsiteFX, what would MY_Controller accomplish here? Not sure where you are going with that.

#4
[eluser]kmil0[/eluser]
crete a file MY_Controller.php
in /system/application/libraries/

then write something like this

Code:
class MY_Controller
{
function __construct()
{
   parent::__construct();
   if( ! $this->session->userdata('logged_in') )
   {
    // redirect to the login page.
    redirect('auth');
   }
}
}

with this you will not worry about check the controllers
that require authentication.

Smile

sorry for my bad english Tongue


now every controller that requires authentication may look like this

Code:
class News extends MY_Controller
{
    // your normal code here
}

and the auth controller look like this

Code:
class Auth extends Controller
{
function __construct(){ parent::__construct();}
function index(){ $this->load->view('login_view')}
}

#5
[eluser]InsiteFX[/eluser]
Hi Colin,

I mentioned the MY_Controller because he said he was doing all the same checks in all of his Controllers.

Which would make sence to have a MY_Controller and extend it.

Enjoy
InsiteFX

#6
[eluser]FutureKing[/eluser]
[quote author="kmil0" date="1254548869"]crete a file MY_Controller.php
in /system/application/libraries/

then write something like this

Code:
class MY_Controller
{
function __construct()
{
   parent::__construct();
   if( ! $this->session->userdata('logged_in') )
   {
    // redirect to the login page.
    redirect('auth');
   }
}
}

with this you will not worry about check the controllers
that require authentication.

Smile

sorry for my bad english Tongue


now every controller that requires authentication may look like this

Code:
class News extends MY_Controller
{
    // your normal code here
}

and the auth controller look like this

Code:
class Auth extends Controller
{
function __construct(){ parent::__construct();}
function index(){ $this->load->view('login_view')}
}
[/quote]

Thanks! But this was not my problem.
Hope this diagram will help you to understand my problem
http://img203.imageshack.us/img203/9047/redirect.jpg

#7
[eluser]InsiteFX[/eluser]
Here is how it should be done:

Code:
class App extends Controller {

    function App()
    {
        parent::Controller();

        // load your Auth library, models and helpers here.
    
    }

}

Save that as application/libraries/MY_Controller

Then you will add this to all of your other Controllers like so:

Code:
class Yourname extends App {

    function Yourname()
    {
        parent::App();
    }

}

If you need a good Auth system I highly recommend this one:

Auth 1.0.6

Enjoy
InsiteFX

#8
[eluser]n0xie[/eluser]
Your problem has nothing to do with authentication. Because you use AJAX, whenever you load part of your page and that part is not user authenticated, you will get a redirect from the server which return the login screen to your ajax call. So it's doing exactly as you told it to do : validate if the user is authenticated. If not redirect to login screen.

This is not a problem you can fix, it's inherent to the way you setup your site.

The only solution I can think of is if you pass a message via ajax which says 'user logged out' or something simular and your page does a javascript redirect to a login page. This works, but is ugly from my point of view, but should 'fix' your problem.

#9
[eluser]FutureKing[/eluser]
[quote author="n0xie" date="1254582846"]Your problem has nothing to do with authentication. Because you use AJAX, whenever you load part of your page and that part is not user authenticated, you will get a redirect from the server which return the login screen to your ajax call. So it's doing exactly as you told it to do : validate if the user is authenticated. If not redirect to login screen.

This is not a problem you can fix, it's inherent to the way you setup your site.

The only solution I can think of is if you pass a message via ajax which says 'user logged out' or something simular and your page does a javascript redirect to a login page. This works, but is ugly from my point of view, but should 'fix' your problem.[/quote]

Correct!
You understood my problem. Great.

I also thought about this. jQuery has Ajax events like $.ajaxStart(),$.ajaxStop() etc. I also thought to use them. Now this creates another problem.

This is what I thought:
While using application everytime user clicks on buttons/controls etc and fires an Ajax request. Now with help of jQuery ajax events another ajax request fires which checks whether the user is logged in or not. If user is not logged in then it redirects the user.

Problem is, creating an ajax request inside jQuery ajax events creates recursion.

Do you have any way to stop such type of recursion.

$.ajaxStart(function(){
$.ajax({
param1:
param2:
...etc...
success:function(){
}
});
});

#10
[eluser]n0xie[/eluser]
Just call a function which checks for the message 'user not logged in' like I said before as part of the callback. Else you make your problem more complex than it actually is.

Code:
$.post('somepage', 'some params', function (data) {
      // add this to your ajaxcalls:
      mylogincheckfunction(data);
      // do normal stuff here
      }
);

function mylogincheckfunction(obj){
if (obj.loggedin == false)
   // redirect windows.href or windows.location
}


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.