1

I have a web application having three pages, one is login page, second is contact page, and third is chat page. The natural sequence to traverse is one to second and from second to third.

Login (using our web service) is required to open second and third page. Now we have a requirement that we want to open third page directly from a third party application.

So, suppose if third page is requested from browser and on the same browser login (using first page) has been made. Then we need to directly show the third page otherwise show the user first page i.e. login page.

The requirement is similar as required facebook page can be opened by clicking an link from gmail page, if facebook user has done login, he can see the desired page directly.

sakura
  • 2,249
  • 2
  • 26
  • 39

1 Answers1

1

When i wrote this functionality into my last project, i generally did the following:

  1. try to load the page
  2. at the beginning of any page load, the first thing that is checked is login status
  3. if loggedIn == false, then you're going to save the current url and redirect to login with an argument of the previous url (mysite.com/login?url=/something/page3)
  4. then when they submit the new login information, upon success you can simply grab the value of your url argument, and do a redirect to that value.

However, in order to do this, you probably need the following problems to already be solved: your page framework, modular code on a per page basis (mvc usually helps for this), a login functionality that can check login status easily, and more

Kristian
  • 21,204
  • 19
  • 101
  • 176
  • So, do we have to store the login status in memory at server? Suppose there are multiple clients accessing my page with different credentials then how should i do all these things. I mean session id would be certainly unique but along session id we should keep some other informations like browser/IP/userid etc and make an unique identifier.. further we would require an timer running to expire the session. Please suggest if we would require all these things. – sakura Apr 12 '12 at 05:13
  • you're way better off imho to make your application stateless, and store your authentication state as an encrypted token in a cookie, client side. That way its really easy to check, and the expiring of the cookie happens automatically, since its required to give it an expiry date. Also, that means you don't have to worry about juggling session ids around on multiple servers...like you would have with cloud apps – Kristian Apr 12 '12 at 14:06