We have built multiple Android application with Wappler and are well versed in their creation and deployment to Google Play etc. Nothing we need to know there. We know how to use cookies within them, no issues there. We can build and deploy, so no issues there either...
RIGHT. So Android with a Digital Ocean Node JS back-end and not PHP. This is where our question is, has anybody had success in this area? We can get our Actions to load just fine. We use an Action for translation and this works just fine and translates the text (no Security Restrict). However Security Provider is simply not working (and we have used this enough to know it back to front). It is ignored, it allows for login but ignores Permissions, and any Action with Security Restrict is returned unauthorised despite everything being correct, tried and tested!
Do we have to use a PHP back-end for mobile applications?
We do not need advice on running an Android application but this is the first time connecting to a Node back-end and it fails. So we would like to know is this a no go?
We would like to say the latest implementation for Android is flawless in our regard, build and run on connected devices, no special workarounds needed, so HUGE praise there! Previously on Ubuntu it was a real pain but we had documented this process so always had that available, but now is super simple! Nice to finish with something positive...
Anyway advice on the above scenario very much appreciated indeed! My head is flat from headbutting the desk for 30 hours straight so gave it a good go but now need some friendly input!
Right have set a Dynamic Action on the Restricted Action based upon Unauthorized/Error/Forbidden/Invalid to goto a login page and that negates the issue...
Still am happy I didn't have to create a whole new Project for the back-end so will now work on a more refined way of dealing with this issue, and will post it after several cans of Redbull and some space cabbage.
Just being curious, are you using capacitor http and cookies plugins? Or just http?
With F7?
Been having some issues but don't know exactly where's the problem
Work around, after the login form is successful we forward to a redirect page which has a single Restricted Action on it (which gets a profile with a condition using the Security Identity of the logged in User), based on the result gets forwarded to or away, looks like this:
Thank you @George we have it all sorted now, working fine, not a bad User Experience either. Redirect page displays a nice initialisation animation and moves to to the application for authorised users. All fluid and the flow is nice.
As I said we are really happy with the latest Mobile abilities of Wappler! If we could just get Passport implemented now that would tie in nicely, but until @patrick responds we won't know much about that side for a little while to come, but still a very happy little team here, thanks again.
Token based authentication is something that we should implement separately in security provider anyway, so it is not really passport.js related but just an alternative of cookies @patrick
The main problem with the passport integration is that it can't be integrated with serverconnect app instance. The serverconnect app instance is initialized on the route handler and is per request an other instance. The passport middleware runs before the serverconnect app is initialized and also has no access to any of its functionality.
As you notice in the documentation for example the passport-auth-token. You will need to program a part yourself, it only passes the authtoken to the callback function where you then have your own program logic and here we will not have access to serverconnect data or database connections.
The serverconnect app was originally not developed for NodeJS, the first version were for PHP and ASP. Later it was ported to NodeJS and kept fully compatible with the other versions. We have the advantage that we have full control over the server with NodeJS, but also the disadvantage that the code is based on PHP/ASP with its per request instance.
Middleware in NodeJS that do not depend on App logic (database connections etc) can be used without problem. Most of the passport middleware require you to have some app logic (like lookup user or token in a database) and without access to serverconnect instance at that moment it will require custom JavaScript coding.
I would have setup serverconnect for NodeJS differently now so that it would make use of the full functionality, but then it would be totally different from PHP/ASP. The filosofie of Wappler is that it should not matter which server model you use, they should all behave exactly the same.
