Redirect user to homepage after login
I am creating a web portal. The JavaScript that displays the homepage of the web portal is sensitive and must only be displayed to authenticated users.
I currently have two HTML files: login.html and homepage.html
When someone navigates to my app at portal.com/homepage, it redirects the user to portal.com/login
In order to cause the redirect, I am using lambda.
Once the user has logged in, I wish to redirect them to portal.com/homepage.
However, with the current headers that are being passed to the lambda through API Gateway, I have no way of authenticating the user and so cannot know whether the user is logged in.
I would like to know how to redirect my user to the homepage and forward the session information to the lambda so that my lambda can authenticate the user and return the html rather than redirecting to the login page.
Invoking the API with the client side JavaScript just returns the html file to the variable that called it rather than opening it in a new page.
Below are my lambdas:
exports.login = (event, context, callback) => {
const poolId = ** value that tells me a user is authenticated **
let contents = ""
let result = {}
if (poolId) {
result = {
statusCode:302,
headers: {
poolId,
"Location": "https://portal.com/homepage"
},
}
} else {
contents = fs.readFileSync(`app/login.html`);
result = {
statusCode: 200,
body: contents.toString(),
headers: {'content-type': 'text/html'}
};
}
callback(null, result);
};
exports.hoempage = (event, context, callback) => {
const poolId = ** value that tells me my user is authenticated**
let result = {}
let contents = ""
if (poolId) {
contents = fs.readFileSync(`app/homepage.html`);
result = {
statusCode: 200,
body: JSON.stringify([event, context]),
headers: {'content-type': 'text/html'}
}
} else {
result = {
statusCode:302,
headers: {
"Location": "https://portal.com/login"
}
}
}
callback(null, result)
}
Thank you in advance
node.js amazon-web-services aws-lambda aws-api-gateway amazon-cognito
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
add a comment |
I am creating a web portal. The JavaScript that displays the homepage of the web portal is sensitive and must only be displayed to authenticated users.
I currently have two HTML files: login.html and homepage.html
When someone navigates to my app at portal.com/homepage, it redirects the user to portal.com/login
In order to cause the redirect, I am using lambda.
Once the user has logged in, I wish to redirect them to portal.com/homepage.
However, with the current headers that are being passed to the lambda through API Gateway, I have no way of authenticating the user and so cannot know whether the user is logged in.
I would like to know how to redirect my user to the homepage and forward the session information to the lambda so that my lambda can authenticate the user and return the html rather than redirecting to the login page.
Invoking the API with the client side JavaScript just returns the html file to the variable that called it rather than opening it in a new page.
Below are my lambdas:
exports.login = (event, context, callback) => {
const poolId = ** value that tells me a user is authenticated **
let contents = ""
let result = {}
if (poolId) {
result = {
statusCode:302,
headers: {
poolId,
"Location": "https://portal.com/homepage"
},
}
} else {
contents = fs.readFileSync(`app/login.html`);
result = {
statusCode: 200,
body: contents.toString(),
headers: {'content-type': 'text/html'}
};
}
callback(null, result);
};
exports.hoempage = (event, context, callback) => {
const poolId = ** value that tells me my user is authenticated**
let result = {}
let contents = ""
if (poolId) {
contents = fs.readFileSync(`app/homepage.html`);
result = {
statusCode: 200,
body: JSON.stringify([event, context]),
headers: {'content-type': 'text/html'}
}
} else {
result = {
statusCode:302,
headers: {
"Location": "https://portal.com/login"
}
}
}
callback(null, result)
}
Thank you in advance
node.js amazon-web-services aws-lambda aws-api-gateway amazon-cognito
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
add a comment |
I am creating a web portal. The JavaScript that displays the homepage of the web portal is sensitive and must only be displayed to authenticated users.
I currently have two HTML files: login.html and homepage.html
When someone navigates to my app at portal.com/homepage, it redirects the user to portal.com/login
In order to cause the redirect, I am using lambda.
Once the user has logged in, I wish to redirect them to portal.com/homepage.
However, with the current headers that are being passed to the lambda through API Gateway, I have no way of authenticating the user and so cannot know whether the user is logged in.
I would like to know how to redirect my user to the homepage and forward the session information to the lambda so that my lambda can authenticate the user and return the html rather than redirecting to the login page.
Invoking the API with the client side JavaScript just returns the html file to the variable that called it rather than opening it in a new page.
Below are my lambdas:
exports.login = (event, context, callback) => {
const poolId = ** value that tells me a user is authenticated **
let contents = ""
let result = {}
if (poolId) {
result = {
statusCode:302,
headers: {
poolId,
"Location": "https://portal.com/homepage"
},
}
} else {
contents = fs.readFileSync(`app/login.html`);
result = {
statusCode: 200,
body: contents.toString(),
headers: {'content-type': 'text/html'}
};
}
callback(null, result);
};
exports.hoempage = (event, context, callback) => {
const poolId = ** value that tells me my user is authenticated**
let result = {}
let contents = ""
if (poolId) {
contents = fs.readFileSync(`app/homepage.html`);
result = {
statusCode: 200,
body: JSON.stringify([event, context]),
headers: {'content-type': 'text/html'}
}
} else {
result = {
statusCode:302,
headers: {
"Location": "https://portal.com/login"
}
}
}
callback(null, result)
}
Thank you in advance
node.js amazon-web-services aws-lambda aws-api-gateway amazon-cognito
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
I am creating a web portal. The JavaScript that displays the homepage of the web portal is sensitive and must only be displayed to authenticated users.
I currently have two HTML files: login.html and homepage.html
When someone navigates to my app at portal.com/homepage, it redirects the user to portal.com/login
In order to cause the redirect, I am using lambda.
Once the user has logged in, I wish to redirect them to portal.com/homepage.
However, with the current headers that are being passed to the lambda through API Gateway, I have no way of authenticating the user and so cannot know whether the user is logged in.
I would like to know how to redirect my user to the homepage and forward the session information to the lambda so that my lambda can authenticate the user and return the html rather than redirecting to the login page.
Invoking the API with the client side JavaScript just returns the html file to the variable that called it rather than opening it in a new page.
Below are my lambdas:
exports.login = (event, context, callback) => {
const poolId = ** value that tells me a user is authenticated **
let contents = ""
let result = {}
if (poolId) {
result = {
statusCode:302,
headers: {
poolId,
"Location": "https://portal.com/homepage"
},
}
} else {
contents = fs.readFileSync(`app/login.html`);
result = {
statusCode: 200,
body: contents.toString(),
headers: {'content-type': 'text/html'}
};
}
callback(null, result);
};
exports.hoempage = (event, context, callback) => {
const poolId = ** value that tells me my user is authenticated**
let result = {}
let contents = ""
if (poolId) {
contents = fs.readFileSync(`app/homepage.html`);
result = {
statusCode: 200,
body: JSON.stringify([event, context]),
headers: {'content-type': 'text/html'}
}
} else {
result = {
statusCode:302,
headers: {
"Location": "https://portal.com/login"
}
}
}
callback(null, result)
}
Thank you in advance
node.js amazon-web-services aws-lambda aws-api-gateway amazon-cognito
node.js amazon-web-services aws-lambda aws-api-gateway amazon-cognito
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
edited Nov 13 at 20:59
John Rotenstein
67.5k774118
67.5k774118
asked Nov 13 at 16:23
James Deehan
513
asked Nov 13 at 16:23
James Deehan
513
asked Nov 13 at 16:23
James Deehan
513
513
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
on the backend you can send you jwt tocken, validate the tocken if the session is expired redirect the user to login page otherwise keep him hanging around in your system.
see the following is the tocken validation mechanism.
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
answered Nov 13 at 19:39
Asad Mehmood
1196
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53285314%2fredirect-user-to-homepage-after-login%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
on the backend you can send you jwt tocken, validate the tocken if the session is expired redirect the user to login page otherwise keep him hanging around in your system.
see the following is the tocken validation mechanism.
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
answered Nov 13 at 19:39
Asad Mehmood
1196
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
add a comment |
on the backend you can send you jwt tocken, validate the tocken if the session is expired redirect the user to login page otherwise keep him hanging around in your system.
see the following is the tocken validation mechanism.
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
answered Nov 13 at 19:39
Asad Mehmood
1196
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
add a comment |
on the backend you can send you jwt tocken, validate the tocken if the session is expired redirect the user to login page otherwise keep him hanging around in your system.
see the following is the tocken validation mechanism.
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
answered Nov 13 at 19:39
Asad Mehmood
1196
on the backend you can send you jwt tocken, validate the tocken if the session is expired redirect the user to login page otherwise keep him hanging around in your system.
see the following is the tocken validation mechanism.
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html
answered Nov 13 at 19:39
Asad Mehmood
1196
answered Nov 13 at 19:39
Asad Mehmood
1196
answered Nov 13 at 19:39
Asad Mehmood
1196
answered Nov 13 at 19:39
Asad Mehmood
1196
1196
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
add a comment |
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
How can you send the token to the backend on a redirect with js?
– James Deehan
Nov 13 at 20:04
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
in header set the value for "Authentication" Key. then in the backend you can extract the value of Authentication from request header.
– Asad Mehmood
Nov 13 at 20:12
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
A redirection in the HTTP protocol doesn't support adding any headers to the target location. I've found a solution using Lambda@edge though. Thank you for the help
– James Deehan
Nov 14 at 13:40
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53285314%2fredirect-user-to-homepage-after-login%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
