Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I followed this tutorial https://yii2-framework.readthedocs.io/en/stable/guide/tutorial-advanced-app/ but it doesn't say anything about backend admin login details.
How to setup backend admin login details?
You have to install and MIGRATE RBAC extension, after that register user with username admin. Take his id from DB and follow this tutorial:
https://habr.com/ru/post/235485/
how to set up role based access. I guess that's what you trying to implement.
Yii2 templates basically is a starting point to develop an app, not a pre-made cms that has default logins.
In this case, if you have executed migrations as outlined in the tutorial
Apply migrations with console command yii migrate.
Then you would have a user table in your database. You could create a new user there with a bcrypted password, and then use that to login to the application.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I created a user and then logining for this user, all screens are disappeared. What am I doing wrong?
The only assumption I can make is that you use CUBA 7.2+ and your user has only the system-minimal role, thus their can only log in to the client without access to screens, entities, menu items, etc. I'd recommend defining a new role with the required permissions either design-time or run-time. See the Roles documentation for more details.
Also, take a look at the Security Subsystem section in the Release Notes to get familiar with changes made in CUBA 7.2.
Please set up the security properly. It means you need to create a role either in your code in design-time or define a role for the new user in runtime and grant corresponding properties.
Note that permissions in CUBA follow the "allowing" principle. E.g. if you define an entity as read-only for one role and give full access in another one, then a user granted with both roles will get full access to the entity.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
My main problem is getting the token. I can’t go further than this step.
In the Linkedin API's docs there are two ways described to obtain the token.
Witch is the correct one?
1) https://developer.linkedin.com/docs/v2/oauth2-client-credentials-flow
2) https://developer.linkedin.com/docs/oauth2#configure
I understand that in order to use the new Linkedin API (the partners one) I should use the first one (https://developer.linkedin.com/docs/v2/oauth2-client-credentials-flow)
Here is my petition:
https://www.linkedin.com/oauth/v2/accessToken?grant_type=client_credentials&client_id={MYCLIENTID}&client_secret={MYCLIENTSECRET}
The response:
Error "access_denied"
error_description "This application is not allowed to create application tokens"
And I get stuck here.
With the second one (https://developer.linkedin.com/docs/oauth2#configure) I actually get a token:
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id={MYCLIENTID}&redirect_uri={MYURIREDIRECT}&state={STATERETURNED}
This returns the code (and the State) which I use to make the token request:
https://www.linkedin.com/oauth/v2/accessToken?grant_type=authorization_code&client_id={MYCLIENTID}&client_secret={MYCLIENTSECRET}&redirect_uri={MYURIREDIRECT}&code={CODERETURNED}
And I get the token. But this isn’t the correct way to do it, is it?
By default you will need to use the authorization_code flow to obtain an access token. Per the documentation the client_credentials flow is not enabled by default and needs to be specially enabled by LinkedIn.
https://developer.linkedin.com/docs/v2/oauth2-client-credentials-flow
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
We are using Worklight 6.1 for our app. I want the app to remember the user id (with no limitation on the duration & it should be accurate & reliable).I want to use JSONStore API for this purpose.
In our app, after we gather the user credentials, we are sending them
to an adaptor function, where we are invoking some java classes to
validate the credentials aginst IBM bluepages & also against dbs
I have two questions:
1) When i ensure that user has been authenticated successfully for the first time, I will open a JSON store & keep the userid to the local storage, If I choose to encrypt it , which password I need to supply to make it encrypted ?
2) When the user tries to access the app from the same mobile device, the server should send a login form by pre populating the user id, how do I do this?
Thanks..
Encrypted Offline Cache is deprecated, so you might as well use JSONStore.
In MobileFirst Platform 6.3 ("Worklight"), there is a tutorial that accomplishes exactly your scenario. You should read it and try to implement it in 6.1; depending on JSONStore's featureset in 6.1, you might be able to. You'll need to try.
Here it is: Offline Authentication
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am writing code to login into router and grab some settings. My code,that I wrote for HTML login does not work with the router login.
I have included the image. What is it ? Can I have code in c#, python or C to login into it ?
It's Basic access authentication. And yes, you can use whatever language you are comfortable with as long as you can specify custom HTTP headers for the request.
As Jifri said, it's Basic access authentication. You can log into it by sending the username and password as part of the URL you request:
http://username:password#url.com
See discussion here too: Username and password in https url
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
Does Google Go support decoding of basic access authentication calls? How do I get the username and password from the http.Request?
Go does not seem to intercept basic authentication when it is typed as an URL in a browser, but it does allow one to get it from some other applications calling it.
For example, using a simple Python code for HTTP JSON RPC:
from jsonrpc import ServiceProxy
access = ServiceProxy("http://user:pass#127.0.0.1:8080/")
print access.getinfo()
And in Go calling:
// r *http.Request
r.Header["Authorization"]
One gets this string:
[Basic dXNlcjpwYXNz]
And
dXNlcjpwYXNz
Base-64 decoded gives
user:pass
So some basic authentication in Go is possible, although it might not be something one can rely on.
There seems to be no way to get the user-provided authentication info, but you can provide the valid username and password for HTTP Basic Authentication by calling SetBasicAuth.