Authenticating Users

Authenticating Users

If you don't want a user to use your Telerik Platform app anonymously, you must first authenticate them. This is done by providing the username and password for the user. On successful authentication the server will issue you an access token. The Backend Services JavaScript SDK will then use this token to make impersonated requests to the services.

Access tokens are temporary, they expire. After a token has expired, you must reauthenticate the user to get a new access token. There are also other cases when a token becomes invalid:

  • When the user changes their password
  • When the user logs out
  • When the user account is deleted

Logging In a User

After the user is authenticated, the server returns an access token along with the token type. This token is kept by the Everlive instance and is used in the Authorization header in every subsequent service call.

Notice that the login operation does not return any information (profile data) about the user. Instead you need to use the method Everlive.Users.currentUser().

Here is an example log in request:

var el = new Everlive('your-app-id');
el.authentication.login('jsmith', // username
    '111111', // password
    function (data) {
        alert(JSON.stringify(data));
    },
    function(error){
        alert(JSON.stringify(error));
    });

Authenticating a user ensures that the Owner, Created by, and Modified by data item attributes are populated when the user consequently manipulates data.

Manage Authentication

Sometimes you may want to explicitly manipulate the access token. Use the following methods to do that.

  • To clear the access token off an Everlive instance, use the following method. This does not equal logging out, because the current authorization token is not invalidated on the server.

    var el = new Everlive('your-app-id');
    el.authentication.clearAuthorization();
    
  • To set the token explicitly, use the setAuthorization() method. The userId is the current user's Id. You can acquire it from the principal_id filed contained in the response to the login() method.

    var token = 'someAccessToken';
    var tokenType = 'bearer';
    var userId = '5fa1ea93-b384-11e5-b406-5b0fec3aeb41'
    el.authentication.setAuthorization(token, tokenType, userId);
    

See Also

Start a free trial Request a demo
Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.