React + Django (session) authentication











up vote
1
down vote

favorite












Is authentication implemented correctly?



At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



Any additional comments welcome.



App.js



import React, {Component} from "react";

import ReactDOM from "react-dom";

import MainContainer from "../containers/MainContainer";

import {Provider} from "react-redux";

import store from "../store";

import BrowserRouter from "react-router-dom/es/BrowserRouter";

import {Redirect, Route, Switch} from "react-router-dom";

import LoginPage from "./LoginPage";

import myAuth from "../myAuth";

import {APP_LOGIN_PATH} from "../constants/paths";





class App extends Component {

    state = {

        loaded: false,

    };



    componentDidMount() {

        myAuth.authenticate(() => this.setState({

            loaded: true,

        }))

    }



    render() {

        const { loaded } = this.state;

        return (

            loaded ? (

                <BrowserRouter>

                    <Switch>

                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />

                        <PrivateRoute path="/app" component={ MainContainer } />

                    </Switch>

                </BrowserRouter>

            ) : (

                <div>Loading...</div>

            )

        )

    }

}



const PrivateRoute = ({ component: Component, ...rest }) => (

    <Route {...rest} render={(props) => (

        myAuth.isAuthenticated === true

        ? <Component {...props} />

        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />

    )} />

);



const wrapper = document.getElementById("app");



wrapper ? ReactDOM.render(

    <Provider store={ store }>

        <BrowserRouter>

            <App />

        </BrowserRouter>

    </Provider>

    , wrapper) : null;


myAuth.js



const myAuth = {

    isAuthenticated: false,

    isStaff: false,

    isSuperuser: false,



    authenticate(cb) {

        console.log("authenticate");

        fetch("/session_user/")

            .then(response => {

                if (response.status !== 200) {

                    console.log("Something went wrong during authentication");

                }

                return response.json();

            })

            .then(data => {

                this.isAuthenticated = data.isAuthenticated;

                this.isStaff = data.isStaff;

                this.isSuperuser = data.isSuperuser;

            })

            .then(cb)

    },



    signout(cb) {

        fetch("/logout/")

            .then(response => {

                if (response.status !== 200) {

                    console.log("Something went wrong while logging out");

                }

            })

            .then(data => {

                this.isAuthenticated = false;

                this.isStaff = false;

                this.isSuperuser = false;

            })

    }

};



export default myAuth;





authentication react.js django jsx







share|improve this question




























    up vote
    1
    down vote

    favorite












    Is authentication implemented correctly?



    At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



    I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



    All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



    Any additional comments welcome.



    App.js



    import React, {Component} from "react";
    
import ReactDOM from "react-dom";
    
import MainContainer from "../containers/MainContainer";
    
import {Provider} from "react-redux";
    
import store from "../store";
    
import BrowserRouter from "react-router-dom/es/BrowserRouter";
    
import {Redirect, Route, Switch} from "react-router-dom";
    
import LoginPage from "./LoginPage";
    
import myAuth from "../myAuth";
    
import {APP_LOGIN_PATH} from "../constants/paths";
    

    

    
class App extends Component {
    
    state = {
    
        loaded: false,
    
    };
    

    
    componentDidMount() {
    
        myAuth.authenticate(() => this.setState({
    
            loaded: true,
    
        }))
    
    }
    

    
    render() {
    
        const { loaded } = this.state;
    
        return (
    
            loaded ? (
    
                <BrowserRouter>
    
                    <Switch>
    
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
    
                        <PrivateRoute path="/app" component={ MainContainer } />
    
                    </Switch>
    
                </BrowserRouter>
    
            ) : (
    
                <div>Loading...</div>
    
            )
    
        )
    
    }
    
}
    

    
const PrivateRoute = ({ component: Component, ...rest }) => (
    
    <Route {...rest} render={(props) => (
    
        myAuth.isAuthenticated === true
    
        ? <Component {...props} />
    
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
    
    )} />
    
);
    

    
const wrapper = document.getElementById("app");
    

    
wrapper ? ReactDOM.render(
    
    <Provider store={ store }>
    
        <BrowserRouter>
    
            <App />
    
        </BrowserRouter>
    
    </Provider>
    
    , wrapper) : null;


    myAuth.js



    const myAuth = {
    
    isAuthenticated: false,
    
    isStaff: false,
    
    isSuperuser: false,
    

    
    authenticate(cb) {
    
        console.log("authenticate");
    
        fetch("/session_user/")
    
            .then(response => {
    
                if (response.status !== 200) {
    
                    console.log("Something went wrong during authentication");
    
                }
    
                return response.json();
    
            })
    
            .then(data => {
    
                this.isAuthenticated = data.isAuthenticated;
    
                this.isStaff = data.isStaff;
    
                this.isSuperuser = data.isSuperuser;
    
            })
    
            .then(cb)
    
    },
    

    
    signout(cb) {
    
        fetch("/logout/")
    
            .then(response => {
    
                if (response.status !== 200) {
    
                    console.log("Something went wrong while logging out");
    
                }
    
            })
    
            .then(data => {
    
                this.isAuthenticated = false;
    
                this.isStaff = false;
    
                this.isSuperuser = false;
    
            })
    
    }
    
};
    

    
export default myAuth;





    authentication react.js django jsx







    share|improve this question


























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      Is authentication implemented correctly?



      At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



      I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



      All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



      Any additional comments welcome.



      App.js



      import React, {Component} from "react";
      
import ReactDOM from "react-dom";
      
import MainContainer from "../containers/MainContainer";
      
import {Provider} from "react-redux";
      
import store from "../store";
      
import BrowserRouter from "react-router-dom/es/BrowserRouter";
      
import {Redirect, Route, Switch} from "react-router-dom";
      
import LoginPage from "./LoginPage";
      
import myAuth from "../myAuth";
      
import {APP_LOGIN_PATH} from "../constants/paths";
      

      

      
class App extends Component {
      
    state = {
      
        loaded: false,
      
    };
      

      
    componentDidMount() {
      
        myAuth.authenticate(() => this.setState({
      
            loaded: true,
      
        }))
      
    }
      

      
    render() {
      
        const { loaded } = this.state;
      
        return (
      
            loaded ? (
      
                <BrowserRouter>
      
                    <Switch>
      
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
      
                        <PrivateRoute path="/app" component={ MainContainer } />
      
                    </Switch>
      
                </BrowserRouter>
      
            ) : (
      
                <div>Loading...</div>
      
            )
      
        )
      
    }
      
}
      

      
const PrivateRoute = ({ component: Component, ...rest }) => (
      
    <Route {...rest} render={(props) => (
      
        myAuth.isAuthenticated === true
      
        ? <Component {...props} />
      
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
      
    )} />
      
);
      

      
const wrapper = document.getElementById("app");
      

      
wrapper ? ReactDOM.render(
      
    <Provider store={ store }>
      
        <BrowserRouter>
      
            <App />
      
        </BrowserRouter>
      
    </Provider>
      
    , wrapper) : null;


      myAuth.js



      const myAuth = {
      
    isAuthenticated: false,
      
    isStaff: false,
      
    isSuperuser: false,
      

      
    authenticate(cb) {
      
        console.log("authenticate");
      
        fetch("/session_user/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong during authentication");
      
                }
      
                return response.json();
      
            })
      
            .then(data => {
      
                this.isAuthenticated = data.isAuthenticated;
      
                this.isStaff = data.isStaff;
      
                this.isSuperuser = data.isSuperuser;
      
            })
      
            .then(cb)
      
    },
      

      
    signout(cb) {
      
        fetch("/logout/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong while logging out");
      
                }
      
            })
      
            .then(data => {
      
                this.isAuthenticated = false;
      
                this.isStaff = false;
      
                this.isSuperuser = false;
      
            })
      
    }
      
};
      

      
export default myAuth;





      authentication react.js django jsx







      share|improve this question















      Is authentication implemented correctly?



      At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



      I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



      All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



      Any additional comments welcome.



      App.js



      import React, {Component} from "react";
      
import ReactDOM from "react-dom";
      
import MainContainer from "../containers/MainContainer";
      
import {Provider} from "react-redux";
      
import store from "../store";
      
import BrowserRouter from "react-router-dom/es/BrowserRouter";
      
import {Redirect, Route, Switch} from "react-router-dom";
      
import LoginPage from "./LoginPage";
      
import myAuth from "../myAuth";
      
import {APP_LOGIN_PATH} from "../constants/paths";
      

      

      
class App extends Component {
      
    state = {
      
        loaded: false,
      
    };
      

      
    componentDidMount() {
      
        myAuth.authenticate(() => this.setState({
      
            loaded: true,
      
        }))
      
    }
      

      
    render() {
      
        const { loaded } = this.state;
      
        return (
      
            loaded ? (
      
                <BrowserRouter>
      
                    <Switch>
      
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
      
                        <PrivateRoute path="/app" component={ MainContainer } />
      
                    </Switch>
      
                </BrowserRouter>
      
            ) : (
      
                <div>Loading...</div>
      
            )
      
        )
      
    }
      
}
      

      
const PrivateRoute = ({ component: Component, ...rest }) => (
      
    <Route {...rest} render={(props) => (
      
        myAuth.isAuthenticated === true
      
        ? <Component {...props} />
      
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
      
    )} />
      
);
      

      
const wrapper = document.getElementById("app");
      

      
wrapper ? ReactDOM.render(
      
    <Provider store={ store }>
      
        <BrowserRouter>
      
            <App />
      
        </BrowserRouter>
      
    </Provider>
      
    , wrapper) : null;


      myAuth.js



      const myAuth = {
      
    isAuthenticated: false,
      
    isStaff: false,
      
    isSuperuser: false,
      

      
    authenticate(cb) {
      
        console.log("authenticate");
      
        fetch("/session_user/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong during authentication");
      
                }
      
                return response.json();
      
            })
      
            .then(data => {
      
                this.isAuthenticated = data.isAuthenticated;
      
                this.isStaff = data.isStaff;
      
                this.isSuperuser = data.isSuperuser;
      
            })
      
            .then(cb)
      
    },
      

      
    signout(cb) {
      
        fetch("/logout/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong while logging out");
      
                }
      
            })
      
            .then(data => {
      
                this.isAuthenticated = false;
      
                this.isStaff = false;
      
                this.isSuperuser = false;
      
            })
      
    }
      
};
      

      
export default myAuth;





      authentication react.js django jsx




      authentication react.js django jsx






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 2 days ago









      200_success

      127k15148410




      127k15148410










      asked 2 days ago









      M3RS

      1304




      1304



























          active

          oldest

          votes











          Your Answer





          StackExchange.ifUsing("editor", function () {
          return StackExchange.using("mathjaxEditing", function () {
          StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
          StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["\$", "\$"]]);
          });
          });
          }, "mathjax-editing");

          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "196"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f207485%2freact-django-session-authentication%23new-answer', 'question_page');
          }
          );

          Post as a guest























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f207485%2freact-django-session-authentication%23new-answer', 'question_page');
          }
          );

          Post as a guest






































































          -

          Popular posts from this blog

          8-я гвардейская общевойсковая армия

          Image
          8-я гвардейская общевойсковая ордена Ленина армия Награды: Войска: РККА → Советская армия → СВ России Род войск: Формирование: 1943 Расформирование (преобразование): 1992 Предшественник: 62-я армия (1942—43) → 8-я гвардейская общевойсковая армия (1943—92) → 8-й гвардейский армейский корпус (1992—98) Боевой путь Изюм-Барвенковская операция Донбасская операция Запорожская операция Битва за Днепр Днепропетровская операция Березнеговато-Снигирёвская операция Одесская операция Люблин-Брестская операция Варшавско-Познанская операция Восточно-Померанская операция Берлинская наступательная операция У этого термина существуют и другие значения, см. 8-я армия. Фотография Гвардейского Красного Знамени (лицевая сторона) 8-й гвардейской армии , образца 1943 года. Фотография Гвардейского Красного Знамени (оборотная сторона) 8-й гвардейской армии , образца 1943 года. 8-я гвардейская общевойсковая ордена Ленина армия  — гвардейское фор...
          Read more

          Charles de Carteret

          Image
          Charles de Carteret Stemma famiglia De Carteret Signore di Sark In carica 1693-1715 Predecessore Philippe de Carteret IV Successore John Carteret Nascita Sark, 4 giugno 1679 Morte 6 giugno 1715 Padre Philippe de Carteret IV Madre Elizabeth de Carteret Consorte Mary Carteret Charles de Carteret (Sark, 4 giugno 1679 – 6 giugno 1715) figlio di Philippe de Carteret IV, è stato il 6º signore di Sark e il 22º Signore di Saint Ouen dal 1693 all'anno della sua morte.. Non risiedette sull'isola di Sark e durante il suo governo i terreni della famiglia sull'isola vennero in buona parte lottizzati e venduti ai residenti. Fu gentiluomo delle camere private della regina Anna e balivo di Jersey. Alla sua morte, nel 1715, non avendo generato eredi, gli succedette il cugino John Carteret. Voci correlate | Famiglia De Carteret Collegamenti esterni | [1] [2] Portale Biografie : accedi alle voci di Wiki...
          Read more

          AnyDesk - Fatal Program Failure

          Image
          up vote 0 down vote favorite Good day all. I have a window that pops up saying Fatal Program Failure (AnyDesk). This is what I have done so far: Uninstalled AnyDesk and reinstalled it. ( The window still appeared ) I disabled AnyDesk start up in Msconfig and the window seems to have disapeared. Lastly I made sure that AnyDesk worked by remoting into it, and it worked. Today the same window appeared. How do I get rid of this window? remote-desktop share | improve this question edited Nov 15 at 7:49 Tomasz Jakub Rup 562 3 13 ...
          Read more