Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Notification on authentication status change #56

Open
nyurik opened this issue Nov 4, 2017 · 3 comments
Open

Notification on authentication status change #56

nyurik opened this issue Nov 4, 2017 · 3 comments
Labels
question

Comments

@nyurik
Copy link

nyurik commented Nov 4, 2017

Is there an way to track when authentication status changes? For example, if during a request, authentication changes from non-authenticated to authenticated, it would be good to call my event handler. Also, it should be called if client had to re-login (possibly under different credentials) during the request handling.

My goal is to update UI if login status has changed.

Thanks!
@bhousel
Copy link
Member

bhousel commented Nov 4, 2017

Yes, when you create the osmAuth object, you can pass it an options hash with optional loading and done properties - these are callback functions that will be called when the authentication begins and completes.
https://github.com/osmlab/osm-auth#api

Looking at how this works in the iD source code might be helpful too..

@nyurik
Copy link
Author

nyurik commented Nov 4, 2017

@bhousel thanks for the quick answer! My concern is handling the "user switching". For example, if the user revokes the token, and afterwards attempts to make an authenticated request, how would I detect that? Also, what happens if the user closes the authentication popup, instead of authenticating - is there a way to handle that? Thanks for the code link, studying it now.

@bhousel
Copy link
Member

bhousel commented Nov 5, 2017

My concern is handling the "user switching". For example, if the user revokes the token, and afterwards attempts to make an authenticated request, how would I detect that?

I think if the tokens are revoked the OSM API will return an error, as long as your app is using oauth.xhr to make requests. The request will be signed with an invalid token and the OSM API should return 401 Unauthorized, or something like that. See iD's loadFromAPI method where we handle all this. The method will logout (i.e. remove oAuth secrets) and retry the request.

Also, what happens if the user closes the authentication popup, instead of authenticating - is there a way to handle that? Thanks for the code link, studying it now.

Looks like this library don't do it yet:

osm-auth/index.js

Lines 31 to 32 in 31494a5

// TODO: detect lack of click event
oauth.authenticate = function(callback) {

I guess we'd need to add an event handler for that popup page and add a cancelled callback to the options that could get called if the user closes the popup before the authentication completes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bhousel @nyurik