How to check if the user is logged in using Javascript?
1,758 views
Skip to first unread message
Saqib Ali
Jul 30, 2010, 2:13:36 PM7/30/10
to Google App Engine
How do I check if the user is currently logged in using their Google
Account in Javascript? I can set some hidden field to do that, but is
there a more elegant way to do this?
saqib
Account in Javascript? I can set some hidden field to do that, but is
there a more elegant way to do this?
saqib
Jaroslav Záruba
Jul 30, 2010, 2:18:20 PM7/30/10
to google-a...@googlegroups.com
I'm keeping a cookie for that.
--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
Ikai L (Google)
Jul 30, 2010, 2:44:34 PM7/30/10
to google-a...@googlegroups.com
The "correct" way is to make a request back to your application in Javascript. You can do cookie hacks, but these have a tendency to be brittle and hard to manage.--
Ikai Lan
Developer Programs Engineer, Google App Engine
Ikai Lan
Developer Programs Engineer, Google App Engine
Twitter: http://twitter.com/app_engine
Jaroslav Záruba
Jul 30, 2010, 2:48:27 PM7/30/10
to google-a...@googlegroups.com
On Fri, Jul 30, 2010 at 8:44 PM, Ikai L (Google) <ika...@google.com> wrote:
The "correct" way is to make a request back to your application in Javascript. You can do cookie hacks, but these have a tendency to be brittle and hard to manage.
My understanding is that the original poster wants to have that information at hand without any further trips to server, and (most importantly) only as kind of hint. Obviously I don't use that cookie as authorization or password. :)
Jaroslav Záruba
Jul 30, 2010, 2:49:43 PM7/30/10
to google-a...@googlegroups.com
...which leads me again to wishing for http-headers being accessible in JS. :(
2010/7/30 Jaroslav Záruba <jarosla...@gmail.com>
Jeff Schwartz
Jul 30, 2010, 3:13:48 PM7/30/10
to google-a...@googlegroups.com
I think that for security reasons the headers aren't readily accessible. If they were you can imagine the hacks the malcontents would be making using them.
The idea of using a light weight ajax call is perfect for this. The call back on the client would only need to receive a boolean yes/no wrapped in a json object to resolve the question. That's rather a secure mechanism in my opinion. On the server, a user object could be stored in session state to indicate he/she is logged in. So the processing on the server is minimal. In fact, I use this same technique in all my applications including those for other platforms.
Other than those that are forced upon me - such as session id - I avoid using cookies.
Just my $0.02.
--
--
Jeff
The idea of using a light weight ajax call is perfect for this. The call back on the client would only need to receive a boolean yes/no wrapped in a json object to resolve the question. That's rather a secure mechanism in my opinion. On the server, a user object could be stored in session state to indicate he/she is logged in. So the processing on the server is minimal. In fact, I use this same technique in all my applications including those for other platforms.
Other than those that are forced upon me - such as session id - I avoid using cookies.
Just my $0.02.
2010/7/30 Jaroslav Záruba <jarosla...@gmail.com>
--
--
Jeff
P. Petrov
Jul 30, 2010, 4:47:22 PM7/30/10
to Google App Engine
Why not simply initialize a JS variable in the page HTML for logged-in
users, and then simply checking for it? There's no security
vulnerability in doing that, as any part of the client-side code can
be manipulated anyway.
On Jul 30, 10:13 pm, Jeff Schwartz <jefftschwa...@gmail.com> wrote:
> I think that for security reasons the headers aren't readily accessible. If
> they were you can imagine the hacks the malcontents would be making using
> them.
>
> The idea of using a light weight ajax call is perfect for this. The call
> back on the client would only need to receive a boolean yes/no wrapped in a
> json object to resolve the question. That's rather a secure mechanism in my
> opinion. On the server, a user object could be stored in session state to
> indicate he/she is logged in. So the processing on the server is minimal. In
> fact, I use this same technique in all my applications including those for
> other platforms.
>
> Other than those that are forced upon me - such as session id - I avoid
> using cookies.
>
> Just my $0.02.
>
> 2010/7/30 Jaroslav Záruba <jaroslav.zar...@gmail.com>
> >>>>> .
> >>>> .
> >>> .
> > .
users, and then simply checking for it? There's no security
vulnerability in doing that, as any part of the client-side code can
be manipulated anyway.
On Jul 30, 10:13 pm, Jeff Schwartz <jefftschwa...@gmail.com> wrote:
> I think that for security reasons the headers aren't readily accessible. If
> they were you can imagine the hacks the malcontents would be making using
> them.
>
> The idea of using a light weight ajax call is perfect for this. The call
> back on the client would only need to receive a boolean yes/no wrapped in a
> json object to resolve the question. That's rather a secure mechanism in my
> opinion. On the server, a user object could be stored in session state to
> indicate he/she is logged in. So the processing on the server is minimal. In
> fact, I use this same technique in all my applications including those for
> other platforms.
>
> Other than those that are forced upon me - such as session id - I avoid
> using cookies.
>
> Just my $0.02.
>
>
>
>
> > ...which leads me again to wishing for http-headers being accessible in JS.
> > :(
>
> > 2010/7/30 Jaroslav Záruba <jaroslav.zar...@gmail.com>
>
>
> > ...which leads me again to wishing for http-headers being accessible in JS.
> > :(
>
>
> > On Fri, Jul 30, 2010 at 8:44 PM, Ikai L (Google) <ika...@google.com>wrote:
>
> >>> The "correct" way is to make a request back to your application in
> >>> Javascript. You can do cookie hacks, but these have a tendency to be brittle
> >>> and hard to manage.
>
> >> My understanding is that the original poster wants to have that
> >> information at hand *without* any further trips to server, and (most
> > On Fri, Jul 30, 2010 at 8:44 PM, Ikai L (Google) <ika...@google.com>wrote:
>
> >>> The "correct" way is to make a request back to your application in
> >>> Javascript. You can do cookie hacks, but these have a tendency to be brittle
> >>> and hard to manage.
>
> >> My understanding is that the original poster wants to have that
> >> importantly) only as kind of hint. Obviously I don't use that cookie as
> >> authorization or password. :)
>
> >>> On Fri, Jul 30, 2010 at 11:18 AM, Jaroslav Záruba <
> >>> jaroslav.zar...@gmail.com> wrote:
>
> >>>> I'm keeping a cookie for that.
>
> >> authorization or password. :)
>
> >>> On Fri, Jul 30, 2010 at 11:18 AM, Jaroslav Záruba <
> >>> jaroslav.zar...@gmail.com> wrote:
>
> >>>> I'm keeping a cookie for that.
>
> >>>> On Fri, Jul 30, 2010 at 8:13 PM, Saqib Ali <docbook....@gmail.com>wrote:
>
> >>>>> How do I check if the user is currently logged in using their Google
> >>>>> Account in Javascript? I can set some hidden field to do that, but is
> >>>>> there a more elegant way to do this?
>
> >>>>> saqib
>
> >>>>> --
> >>>>> You received this message because you are subscribed to the Google
> >>>>> Groups "Google App Engine" group.
> >>>>> To post to this group, send email to google-a...@googlegroups.com
> >>>>> .
> >>>>> To unsubscribe from this group, send email to
> >>>>> google-appengi...@googlegroups.com<google-appengine%2Bunsu...@googlegroups.com>
>
> >>>>> How do I check if the user is currently logged in using their Google
> >>>>> Account in Javascript? I can set some hidden field to do that, but is
> >>>>> there a more elegant way to do this?
>
> >>>>> saqib
>
> >>>>> --
> >>>>> You received this message because you are subscribed to the Google
> >>>>> Groups "Google App Engine" group.
> >>>>> To post to this group, send email to google-a...@googlegroups.com
> >>>>> .
> >>>>> To unsubscribe from this group, send email to
> >>>>> .
> >>>>> For more options, visit this group at
> >>>>>http://groups.google.com/group/google-appengine?hl=en.
>
> >>>> --
> >>>> You received this message because you are subscribed to the Google
> >>>> Groups "Google App Engine" group.
> >>>> To post to this group, send email to google-a...@googlegroups.com.
> >>>> To unsubscribe from this group, send email to
> >>>> google-appengi...@googlegroups.com<google-appengine%2Bunsu...@googlegroups.com>
> >>>>>http://groups.google.com/group/google-appengine?hl=en.
>
> >>>> --
> >>>> You received this message because you are subscribed to the Google
> >>>> Groups "Google App Engine" group.
> >>>> To post to this group, send email to google-a...@googlegroups.com.
> >>>> To unsubscribe from this group, send email to
> >>>> .
> >>>> For more options, visit this group at
> >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> >>> --
> >>> Ikai Lan
> >>> Developer Programs Engineer, Google App Engine
> >>> Blog:http://googleappengine.blogspot.com
> >>> Twitter:http://twitter.com/app_engine
> >>> Reddit:http://www.reddit.com/r/appengine
>
> >>> --
> >>> You received this message because you are subscribed to the Google Groups
> >>> "Google App Engine" group.
> >>> To post to this group, send email to google-a...@googlegroups.com.
> >>> To unsubscribe from this group, send email to
> >>> google-appengi...@googlegroups.com<google-appengine%2Bunsu...@googlegroups.com>
> >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> >>> --
> >>> Ikai Lan
> >>> Developer Programs Engineer, Google App Engine
> >>> Blog:http://googleappengine.blogspot.com
> >>> Twitter:http://twitter.com/app_engine
> >>> Reddit:http://www.reddit.com/r/appengine
>
> >>> --
> >>> You received this message because you are subscribed to the Google Groups
> >>> "Google App Engine" group.
> >>> To post to this group, send email to google-a...@googlegroups.com.
> >>> To unsubscribe from this group, send email to
> >>> .
> >>> For more options, visit this group at
> >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine" group.
> > To post to this group, send email to google-a...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > google-appengi...@googlegroups.com<google-appengine%2Bunsu...@googlegroups.com>
> >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine" group.
> > To post to this group, send email to google-a...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > .
Jaroslav Záruba
Jul 30, 2010, 4:52:32 PM7/30/10
to google-a...@googlegroups.com
On Fri, Jul 30, 2010 at 10:47 PM, Onestone <ones...@gmail.com> wrote:
Why not simply initialize a JS variable in the page HTML for logged-in
users, and then simply checking for it? There's no security
vulnerability in doing that, as any part of the client-side code can
be manipulated anyway.
this is not applicable when you serve static content (pre-compiled JSPs for example)
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
Jeff Schwartz
Jul 30, 2010, 5:05:52 PM7/30/10
to google-a...@googlegroups.com
Sessions and authenticated user status can time out. For example, if a user kept their browser open for days, lets say, and then does something on the page they may no longer have a valid session.
--
--
Jeff
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
--
--
Jeff
Luis Daniel Mesa Velasquez
Jul 31, 2010, 10:14:48 PM7/31/10
to Google App Engine
JSPs are hardly static... in fact i do some of my scaffolding at the
start of a website displaying all the request info, headers, session,
everything but the kitchen sink... Just to make sure i can have the
whole picture... in fact i'm doing that right now in my current
project. You could initialize the variable and send it as part of the
page or even make a function, as long as you keep in mind that the
info could have changed.
<% if(request.getHeader("blah") != null) { out.println("<script>var
blah = " + request.getHeader("blah") + ";</script>"); } %>
or <%... "function isBlah() { return " + request.getHeader("blah") +
";}" %>
a JSP is as static as you make it.
On Jul 30, 3:52 pm, Jaroslav Záruba <jaroslav.zar...@gmail.com> wrote:
> > > >>>>> google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
start of a website displaying all the request info, headers, session,
everything but the kitchen sink... Just to make sure i can have the
whole picture... in fact i'm doing that right now in my current
project. You could initialize the variable and send it as part of the
page or even make a function, as long as you keep in mind that the
info could have changed.
<% if(request.getHeader("blah") != null) { out.println("<script>var
blah = " + request.getHeader("blah") + ";</script>"); } %>
or <%... "function isBlah() { return " + request.getHeader("blah") +
";}" %>
a JSP is as static as you make it.
On Jul 30, 3:52 pm, Jaroslav Záruba <jaroslav.zar...@gmail.com> wrote:
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > >>>>> .
> > > >>>>> For more options, visit this group at
> > > >>>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > >>>> --
> > > >>>> You received this message because you are subscribed to the Google
> > > >>>> Groups "Google App Engine" group.
> > > >>>> To post to this group, send email to
> > google-a...@googlegroups.com.
> > > >>>> To unsubscribe from this group, send email to
> > > >>>> google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > > >>>>> .
> > > >>>>> For more options, visit this group at
> > > >>>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > >>>> --
> > > >>>> You received this message because you are subscribed to the Google
> > > >>>> Groups "Google App Engine" group.
> > > >>>> To post to this group, send email to
> > google-a...@googlegroups.com.
> > > >>>> To unsubscribe from this group, send email to
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > >>>> .
> > > >>>> For more options, visit this group at
> > > >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > >>> --
> > > >>> Ikai Lan
> > > >>> Developer Programs Engineer, Google App Engine
> > > >>> Blog:http://googleappengine.blogspot.com
> > > >>> Twitter:http://twitter.com/app_engine
> > > >>> Reddit:http://www.reddit.com/r/appengine
>
> > > >>> --
> > > >>> You received this message because you are subscribed to the Google
> > Groups
> > > >>> "Google App Engine" group.
> > > >>> To post to this group, send email to
> > google-a...@googlegroups.com.
> > > >>> To unsubscribe from this group, send email to
> > > >>> google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > > >>>> .
> > > >>>> For more options, visit this group at
> > > >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > >>> --
> > > >>> Ikai Lan
> > > >>> Developer Programs Engineer, Google App Engine
> > > >>> Blog:http://googleappengine.blogspot.com
> > > >>> Twitter:http://twitter.com/app_engine
> > > >>> Reddit:http://www.reddit.com/r/appengine
>
> > > >>> --
> > > >>> You received this message because you are subscribed to the Google
> > Groups
> > > >>> "Google App Engine" group.
> > > >>> To post to this group, send email to
> > google-a...@googlegroups.com.
> > > >>> To unsubscribe from this group, send email to
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > >>> .
> > > >>> For more options, visit this group at
> > > >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Google App Engine" group.
> > > > To post to this group, send email to google-a...@googlegroups.com
> > .
> > > > To unsubscribe from this group, send email to
> > > > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > > >>> .
> > > >>> For more options, visit this group at
> > > >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Google App Engine" group.
> > > > To post to this group, send email to google-a...@googlegroups.com
> > .
> > > > To unsubscribe from this group, send email to
> > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > > .
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/google-appengine?hl=en.
>
> > > --
> > > --
> > > Jeff
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine" group.
> > To post to this group, send email to google-a...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > > > .
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/google-appengine?hl=en.
>
> > > --
> > > --
> > > Jeff
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine" group.
> > To post to this group, send email to google-a...@googlegroups.com.
> > To unsubscribe from this group, send email to
Jaroslav Záruba
Jul 31, 2010, 11:04:53 PM7/31/10
to google-a...@googlegroups.com
You might notice I did not write 'JSPs' but rather 'pre-compiled JSPs'. And those are very static indeed. :)
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
Luis Daniel Mesa Velasquez
Aug 1, 2010, 10:48:07 PM8/1/10
to Google App Engine
Pre-compiled JSPs means they are compiled into Servlets, so no... not
static unless you have a jsp page with just html markup (which would
be pointless).
JSPs and pre-compiled JSPs are dynamic by nature, and never static
unless you made a bad choice of file type/extension.
On Jul 31, 10:04 pm, Jaroslav Záruba <jaroslav.zar...@gmail.com>
wrote:
static unless you have a jsp page with just html markup (which would
be pointless).
JSPs and pre-compiled JSPs are dynamic by nature, and never static
unless you made a bad choice of file type/extension.
On Jul 31, 10:04 pm, Jaroslav Záruba <jaroslav.zar...@gmail.com>
wrote:
> > <google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > > > >>>> .
> > > > > >>>> For more options, visit this group at
> > > > > >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > >>> --
> > > > > >>> Ikai Lan
> > > > > >>> Developer Programs Engineer, Google App Engine
> > > > > >>> Blog:http://googleappengine.blogspot.com
> > > > > >>> Twitter:http://twitter.com/app_engine
> > > > > >>> Reddit:http://www.reddit.com/r/appengine
>
> > > > > >>> --
> > > > > >>> You received this message because you are subscribed to the
> > Google
> > > > Groups
> > > > > >>> "Google App Engine" group.
> > > > > >>> To post to this group, send email to
> > > > google-a...@googlegroups.com.
> > > > > >>> To unsubscribe from this group, send email to
> > > > > >>> google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
>
> > > > > >>>> .
> > > > > >>>> For more options, visit this group at
> > > > > >>>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > >>> --
> > > > > >>> Ikai Lan
> > > > > >>> Developer Programs Engineer, Google App Engine
> > > > > >>> Blog:http://googleappengine.blogspot.com
> > > > > >>> Twitter:http://twitter.com/app_engine
> > > > > >>> Reddit:http://www.reddit.com/r/appengine
>
> > > > > >>> --
> > > > > >>> You received this message because you are subscribed to the
> > > > Groups
> > > > > >>> "Google App Engine" group.
> > > > > >>> To post to this group, send email to
> > > > google-a...@googlegroups.com.
> > > > > >>> To unsubscribe from this group, send email to
> > > > > >>> google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > <google-appengine%2Bunsubscribe...@googlegroups.com>
> > > > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > > > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > <google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > > > >>> .
> > > > > >>> For more options, visit this group at
> > > > > >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > > --
> > > > > > You received this message because you are subscribed to the Google
> > > > Groups
> > > > > > "Google App Engine" group.
> > > > > > To post to this group, send email to
> > google-a...@googlegroups.com
> > > > .
> > > > > > To unsubscribe from this group, send email to
> > > > > > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
>
> > > > > >>> .
> > > > > >>> For more options, visit this group at
> > > > > >>>http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > > --
> > > > > > You received this message because you are subscribed to the Google
> > > > Groups
> > > > > > "Google App Engine" group.
> > > > > > To post to this group, send email to
> > google-a...@googlegroups.com
> > > > .
> > > > > > To unsubscribe from this group, send email to
> > > > > > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > <google-appengine%2Bunsubscribe...@googlegroups.com>
> > > > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > > > <google-appengine%2Bunsu...@googlegroups.com<google-appengine%252Bunsubscr...@googlegroups.com>
> > <google-appengine%252Bunsubscr...@googlegroups.com>
>
> > > > > > .
> > > > > > For more options, visit this group at
> > > > > >http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > --
> > > > > --
> > > > > Jeff
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Google App Engine" group.
> > > > To post to this group, send email to google-a...@googlegroups.com
>
> > > > > > .
> > > > > > For more options, visit this group at
> > > > > >http://groups.google.com/group/google-appengine?hl=en.
>
> > > > > --
> > > > > --
> > > > > Jeff
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Google App Engine" group.
> > .
> > > > To unsubscribe from this group, send email to
> > > > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
> > > > To unsubscribe from this group, send email to
> > > > google-appengi...@googlegroups.com<google-appengine%2Bunsubscribe...@googlegroups.com>
Jaroslav Záruba
Aug 1, 2010, 11:09:39 PM8/1/10
to google-a...@googlegroups.com
I don't understand why do you want to fight over words. I think we might assume pretty much everyone in this forum knows how JSPs work.
Given that for server JSPs are almost always class-files I did not imagine anyone would 'pre-compiled JSPs' translate again into 'class-files'.
That said, when I said 'static content like precompiled JSPs' I meant 'markup generated from JSP, then stored somewhere and served as static content'.
Is that static enough? :)
Cheers
JZ
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
Saqib Ali
Aug 2, 2010, 11:43:02 AM8/2/10
to Google App Engine
thank ya'll for the responses. so it seems that without making further
trips to the server, the only way to check to see if the user is
logged in is to set some cookie/hidden fields.......
trips to the server, the only way to check to see if the user is
logged in is to set some cookie/hidden fields.......
Jeff Schwartz
Aug 2, 2010, 12:04:51 PM8/2/10
to google-a...@googlegroups.com
Being able to determine client-side if a user is logged in can be complicated by authentications that can time out. For those instance, you would need a timestamp on the client side which indicates the time they authenticated and knowledge of the duration for which their authentication will remain valid. With these 2 data points you could determine if they are still logged in.
In my apps I chose to simplify things by just using a simple ajax call to query the server to determine if they are logged in or not.
Jeff
--
--
Jeff
In my apps I chose to simplify things by just using a simple ajax call to query the server to determine if they are logged in or not.
Jeff
--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
--
--
Jeff
Reply all
Reply to author
Forward
0 new messages