All geek questions in one place

Cross Platform Login

I am working on an application where all user authentication occurs in the ColdFusion application (based on CFWheels), but interaction with file servers occurs through the Node.js application. I need to make sure that the user who logs into the CF application is allowed to access files on the node server. I was thinking of setting a cookie with a CFToken or something that the node server could read and pass ColdFusion asking, “Hey, can this token access this file”

My only problem with this is that I was not sure that CFTokens is being reused again, and if this is what should I use instead?

If other people have other ways of doing things when authentication needs to be reused for multiple engines, I'd love to hear your strategies.

+3
source share
2 answers

That sounds like a great way to do it.

But I would just use CFCOOKIE to set the cookie of your own project.

The two servers will need to share the domain name, of course, in order to be able to read the same cookie. You also need to set a cookie as a domain cookie.

One clean way to create this archive would be to create an entire CFC dedicated to security.

He would have methods for generating and checking input tokens.

CF , node.js -

http://server.com/path/security.cfc?method=validateToken&token=whatever

, , , / ( ) , node.js .

, mongodb (CF, Java Rails). CF . , , //etc, .

+4

Yip, , , SSO (Single Sign-on).

OpenID , , CF.

... - cookie , RESTfull ( ) webservice.

0

Source: https://habr.com/ru/post/1793075/

More articles:


All Articles