Jump to content

ProcessWire + Ionic : Handling User Authentication & Sessions

Vineet Sawant

Recommended Posts


I'm working on a simple Ionic app which is going to use ProcessWire as the backend.

This app allows people to upload images and then like/comment on them. It's a lot like a stripped down imgur app.

I've set up some basic services such as register, login & reset password.

There are a couple of things I am doubtful about.

1. How do I get user's unique session Id once he's successfully authenticated through AngularJS's http post request?

I'm currently using following code:

$sessions = $session->getAll();
$session_id = $session->_user["fingerprint"];

But I'm not sure if that's the right way to do it. I'm not even sure if that's the session id. I know there's something called SessionCSRF["name"], I tried that.

I'm sending session_id as response to http post request. Then I'm using that session id to check if user is authenticated for his/her further actions such as commenting/liking/posting etc.

2. Now that I've got the session id, how do I identify the user based on the given session id? or should I send user ID back to PW everytime user is performing any action?

Is it possible to identify user just based on the session fingerprint that I'm giving back to the app?

Among other things I'm considering are keeping a device id on the server for each user, so as to gain better control over user's sessions.

I can log out all the devices linked at once etc. 

I'd really love to hear from you guys how you'd plan to do this app. I'm experienced with PW but not very much with AngularJS.

Thank you.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...