3

I have 4 angular applications one is a landing app which asks user to login and has to redirect the user according to its type to one of the other 3 applications. I am unable to figure how to should i achieve that.

  1. Have the three apps running on different subdomains. Upon login backend send a redirect response, figuring out what type of user it is?

But this leads to cors Error. Also i am not sure whether the cookie which i am setting will be accessible in all the subdomains or not.

Is there a way out?

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
optimus
  • 349
  • 5
  • 14

2 Answers2

0

You can do a redirect, but it seems like an unnecessary step (and kind of convoluted for this type of application).

Instead of returning a redirect based on login, it seems more straightforward to just return the address you want to redirect to in the response. Trigger a lookup to determine which app you should be directing to (however you're doing that) and then return the address of the app in the response data. From within Angular, you can extract the address from within response.data in $http. (see angular docs). The nice thing here is you also keep routing control and knowledge of state within Angular itself.

As for the apps themselves--instead of a subdomain, you can simply put the apps into different folders on your domain. This deals with CORS and the cookie issue.

Otherwise, you'd need to set a CORS header. You would do this on whatever backend you're sending the requests to--there's usually some sort of library to make it easy, for example, Flask CORS for Flask. If you need to share cookies in this case, this StackOverflow answer discusses one way of doing it (using an intermediary domain).

Community
  • 1
  • 1
James Wang
  • 1,281
  • 9
  • 17
  • hey facing the same problem. Got the url back and using $window.location.href to go the other app. But if i do that how can send the data along with this. By data i mean the authentication key? – Vipul Oct 24 '15 at 07:17
  • It depends on your server setup and what you're trying to do. Is it a single-page application or are you just using it as a login to static assets? The simplest way here is to handle the form submission yourself (attach the form as a model as per https://docs.angularjs.org/guide/forms), and just add an additional variable to the object (e.g. $scope.user.authentication). Send the `user` object through `$http` and use the `then` callback from it to both pull out the address and do the routing (i.e. have a function in it, preferably with angular's $route/$routeProvider for more control). – James Wang Oct 24 '15 at 08:04
  • Obviously, with this (and even with a form submission), you'd want to be doing this through https to prevent eavesdropping. – James Wang Oct 24 '15 at 08:09
0

  1. Generate a security key for the user session with some TTL in an authentication table when you authenticate the user with your App1

  2. Redirect the user to any other app in any domain with this security key where they can query the authentication table and verify the user.

  3. Let these other applications work on their own (in the front end) and communicate with the back-end with the security key when necessary.

Lot of PHP frameworks has built-in support for this mechanism. My favorite is Silex.

Charlie
  • 22,886
  • 11
  • 59
  • 90