Hello guys,
I was wondering what the best way is to implement Authentification from an Angular App with User Credentials (Username + PW) AND OR an ID (like an RFID chip [currently implemented with the username instead of an ID]).
Attempt 1:
My first attempt was to create an API_Key+Secret by my own (but here I am still using the Username as an ID):
@frappe.whitelist(allow_guest=True)
def get_login_data(username):
try:
user_details = frappe.get_doc("User", username)
except:
frappe.throw(frappe._(""), frappe.DoesNotExistError)
api_secret = frappe.generate_hash(length=15)
# if api key is not set generate api key
if not user_details.api_key:
api_key = frappe.generate_hash(length=15)
user_details.api_key = api_key
user_details.api_secret = api_secret
user_details.save(ignore_permissions=True)
return {"api_key": user_details.api_key, "api_secret": api_secret}
This is working pretty fine the only problem I have here is that the User needs to generate the first key- secret pair manually in the UI.
Is there a way arround this problem?
Attempt 2:
So the second thing i tried was to create a Session with a Cookie:
@frappe.whitelist(allow_guest=True)
def generateCookie(username, resume=False):
user = frappe.get_doc("User", username)
full_name = " ".join(filter(None, [user.first_name, user.last_name]))
make_session(user, False, full_name)
set_user_info(user, full_name, False)
def make_session(user, full_name, resume):
frappe.local.session_obj = Session(user=user, resume=resume, full_name=full_name, user_type=user.user_type)
print(frappe.local.session_obj.data)
frappe.local.session = frappe.local.session_obj.data
def set_user_info(user, full_name, resume=False):
frappe.local.cookie_manager.init_cookies()
if user.user_type=="Website User":
frappe.local.cookie_manager.set_cookie("system_user", "no")
if not resume:
frappe.local.response["message"] = "No App"
else:
frappe.local.cookie_manager.set_cookie("system_user", "yes")
if not resume:
frappe.local.response['message'] = 'Logged In'
frappe.local.response["home_page"] = "/desk"
frappe.local.response["cookie"] = frappe.local.session.get('sid')
if not resume:
frappe.response["full_name"] = full_name
frappe.local.cookie_manager.set_cookie("full_name", full_name)
So the thing is I want a user to be able to log in here, but when a guest calls this method the SessionManager recognizes him as a Guest.
That means that he will return a sid with “guest” inside. But I want a correct SID instead.
Would it be possible to create a SID for a given user and to return it to the Angular App?
These were my attempts to make a custom Login.
I am not very happy with them, what do you guys think?
Are there better solutions?
Help would be really appreciated!