React + Django (session) authentication











up vote
1
down vote

favorite












Is authentication implemented correctly?



At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



Any additional comments welcome.



App.js



import React, {Component} from "react";

import ReactDOM from "react-dom";

import MainContainer from "../containers/MainContainer";

import {Provider} from "react-redux";

import store from "../store";

import BrowserRouter from "react-router-dom/es/BrowserRouter";

import {Redirect, Route, Switch} from "react-router-dom";

import LoginPage from "./LoginPage";

import myAuth from "../myAuth";

import {APP_LOGIN_PATH} from "../constants/paths";





class App extends Component {

    state = {

        loaded: false,

    };



    componentDidMount() {

        myAuth.authenticate(() => this.setState({

            loaded: true,

        }))

    }



    render() {

        const { loaded } = this.state;

        return (

            loaded ? (

                <BrowserRouter>

                    <Switch>

                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />

                        <PrivateRoute path="/app" component={ MainContainer } />

                    </Switch>

                </BrowserRouter>

            ) : (

                <div>Loading...</div>

            )

        )

    }

}



const PrivateRoute = ({ component: Component, ...rest }) => (

    <Route {...rest} render={(props) => (

        myAuth.isAuthenticated === true

        ? <Component {...props} />

        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />

    )} />

);



const wrapper = document.getElementById("app");



wrapper ? ReactDOM.render(

    <Provider store={ store }>

        <BrowserRouter>

            <App />

        </BrowserRouter>

    </Provider>

    , wrapper) : null;


myAuth.js



const myAuth = {

    isAuthenticated: false,

    isStaff: false,

    isSuperuser: false,



    authenticate(cb) {

        console.log("authenticate");

        fetch("/session_user/")

            .then(response => {

                if (response.status !== 200) {

                    console.log("Something went wrong during authentication");

                }

                return response.json();

            })

            .then(data => {

                this.isAuthenticated = data.isAuthenticated;

                this.isStaff = data.isStaff;

                this.isSuperuser = data.isSuperuser;

            })

            .then(cb)

    },



    signout(cb) {

        fetch("/logout/")

            .then(response => {

                if (response.status !== 200) {

                    console.log("Something went wrong while logging out");

                }

            })

            .then(data => {

                this.isAuthenticated = false;

                this.isStaff = false;

                this.isSuperuser = false;

            })

    }

};



export default myAuth;





authentication react.js django jsx







share|improve this question




























    up vote
    1
    down vote

    favorite












    Is authentication implemented correctly?



    At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



    I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



    All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



    Any additional comments welcome.



    App.js



    import React, {Component} from "react";
    
import ReactDOM from "react-dom";
    
import MainContainer from "../containers/MainContainer";
    
import {Provider} from "react-redux";
    
import store from "../store";
    
import BrowserRouter from "react-router-dom/es/BrowserRouter";
    
import {Redirect, Route, Switch} from "react-router-dom";
    
import LoginPage from "./LoginPage";
    
import myAuth from "../myAuth";
    
import {APP_LOGIN_PATH} from "../constants/paths";
    

    

    
class App extends Component {
    
    state = {
    
        loaded: false,
    
    };
    

    
    componentDidMount() {
    
        myAuth.authenticate(() => this.setState({
    
            loaded: true,
    
        }))
    
    }
    

    
    render() {
    
        const { loaded } = this.state;
    
        return (
    
            loaded ? (
    
                <BrowserRouter>
    
                    <Switch>
    
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
    
                        <PrivateRoute path="/app" component={ MainContainer } />
    
                    </Switch>
    
                </BrowserRouter>
    
            ) : (
    
                <div>Loading...</div>
    
            )
    
        )
    
    }
    
}
    

    
const PrivateRoute = ({ component: Component, ...rest }) => (
    
    <Route {...rest} render={(props) => (
    
        myAuth.isAuthenticated === true
    
        ? <Component {...props} />
    
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
    
    )} />
    
);
    

    
const wrapper = document.getElementById("app");
    

    
wrapper ? ReactDOM.render(
    
    <Provider store={ store }>
    
        <BrowserRouter>
    
            <App />
    
        </BrowserRouter>
    
    </Provider>
    
    , wrapper) : null;


    myAuth.js



    const myAuth = {
    
    isAuthenticated: false,
    
    isStaff: false,
    
    isSuperuser: false,
    

    
    authenticate(cb) {
    
        console.log("authenticate");
    
        fetch("/session_user/")
    
            .then(response => {
    
                if (response.status !== 200) {
    
                    console.log("Something went wrong during authentication");
    
                }
    
                return response.json();
    
            })
    
            .then(data => {
    
                this.isAuthenticated = data.isAuthenticated;
    
                this.isStaff = data.isStaff;
    
                this.isSuperuser = data.isSuperuser;
    
            })
    
            .then(cb)
    
    },
    

    
    signout(cb) {
    
        fetch("/logout/")
    
            .then(response => {
    
                if (response.status !== 200) {
    
                    console.log("Something went wrong while logging out");
    
                }
    
            })
    
            .then(data => {
    
                this.isAuthenticated = false;
    
                this.isStaff = false;
    
                this.isSuperuser = false;
    
            })
    
    }
    
};
    

    
export default myAuth;





    authentication react.js django jsx







    share|improve this question


























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      Is authentication implemented correctly?



      At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



      I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



      All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



      Any additional comments welcome.



      App.js



      import React, {Component} from "react";
      
import ReactDOM from "react-dom";
      
import MainContainer from "../containers/MainContainer";
      
import {Provider} from "react-redux";
      
import store from "../store";
      
import BrowserRouter from "react-router-dom/es/BrowserRouter";
      
import {Redirect, Route, Switch} from "react-router-dom";
      
import LoginPage from "./LoginPage";
      
import myAuth from "../myAuth";
      
import {APP_LOGIN_PATH} from "../constants/paths";
      

      

      
class App extends Component {
      
    state = {
      
        loaded: false,
      
    };
      

      
    componentDidMount() {
      
        myAuth.authenticate(() => this.setState({
      
            loaded: true,
      
        }))
      
    }
      

      
    render() {
      
        const { loaded } = this.state;
      
        return (
      
            loaded ? (
      
                <BrowserRouter>
      
                    <Switch>
      
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
      
                        <PrivateRoute path="/app" component={ MainContainer } />
      
                    </Switch>
      
                </BrowserRouter>
      
            ) : (
      
                <div>Loading...</div>
      
            )
      
        )
      
    }
      
}
      

      
const PrivateRoute = ({ component: Component, ...rest }) => (
      
    <Route {...rest} render={(props) => (
      
        myAuth.isAuthenticated === true
      
        ? <Component {...props} />
      
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
      
    )} />
      
);
      

      
const wrapper = document.getElementById("app");
      

      
wrapper ? ReactDOM.render(
      
    <Provider store={ store }>
      
        <BrowserRouter>
      
            <App />
      
        </BrowserRouter>
      
    </Provider>
      
    , wrapper) : null;


      myAuth.js



      const myAuth = {
      
    isAuthenticated: false,
      
    isStaff: false,
      
    isSuperuser: false,
      

      
    authenticate(cb) {
      
        console.log("authenticate");
      
        fetch("/session_user/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong during authentication");
      
                }
      
                return response.json();
      
            })
      
            .then(data => {
      
                this.isAuthenticated = data.isAuthenticated;
      
                this.isStaff = data.isStaff;
      
                this.isSuperuser = data.isSuperuser;
      
            })
      
            .then(cb)
      
    },
      

      
    signout(cb) {
      
        fetch("/logout/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong while logging out");
      
                }
      
            })
      
            .then(data => {
      
                this.isAuthenticated = false;
      
                this.isStaff = false;
      
                this.isSuperuser = false;
      
            })
      
    }
      
};
      

      
export default myAuth;





      authentication react.js django jsx







      share|improve this question















      Is authentication implemented correctly?



      At the entry point to the app, which is App.js, query the Django server, which responds whether the current user is authenticated after checking request.user.isAuthenticated



      I am not using redux, just storing authentication state in a local object (this can't be tampered with I assume?). This is reset on signout and I guess it is also lost and re-queried whenever the app is reloaded.



      All app routes except the login route are behind PrivateRoute, which will redirect to login unless myAuth.isAuthenticated === true.



      Any additional comments welcome.



      App.js



      import React, {Component} from "react";
      
import ReactDOM from "react-dom";
      
import MainContainer from "../containers/MainContainer";
      
import {Provider} from "react-redux";
      
import store from "../store";
      
import BrowserRouter from "react-router-dom/es/BrowserRouter";
      
import {Redirect, Route, Switch} from "react-router-dom";
      
import LoginPage from "./LoginPage";
      
import myAuth from "../myAuth";
      
import {APP_LOGIN_PATH} from "../constants/paths";
      

      

      
class App extends Component {
      
    state = {
      
        loaded: false,
      
    };
      

      
    componentDidMount() {
      
        myAuth.authenticate(() => this.setState({
      
            loaded: true,
      
        }))
      
    }
      

      
    render() {
      
        const { loaded } = this.state;
      
        return (
      
            loaded ? (
      
                <BrowserRouter>
      
                    <Switch>
      
                        <Route path={ APP_LOGIN_PATH } component={ LoginPage } />
      
                        <PrivateRoute path="/app" component={ MainContainer } />
      
                    </Switch>
      
                </BrowserRouter>
      
            ) : (
      
                <div>Loading...</div>
      
            )
      
        )
      
    }
      
}
      

      
const PrivateRoute = ({ component: Component, ...rest }) => (
      
    <Route {...rest} render={(props) => (
      
        myAuth.isAuthenticated === true
      
        ? <Component {...props} />
      
        : <Redirect to={{ pathname: APP_LOGIN_PATH, state: { from: props.location }}} />
      
    )} />
      
);
      

      
const wrapper = document.getElementById("app");
      

      
wrapper ? ReactDOM.render(
      
    <Provider store={ store }>
      
        <BrowserRouter>
      
            <App />
      
        </BrowserRouter>
      
    </Provider>
      
    , wrapper) : null;


      myAuth.js



      const myAuth = {
      
    isAuthenticated: false,
      
    isStaff: false,
      
    isSuperuser: false,
      

      
    authenticate(cb) {
      
        console.log("authenticate");
      
        fetch("/session_user/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong during authentication");
      
                }
      
                return response.json();
      
            })
      
            .then(data => {
      
                this.isAuthenticated = data.isAuthenticated;
      
                this.isStaff = data.isStaff;
      
                this.isSuperuser = data.isSuperuser;
      
            })
      
            .then(cb)
      
    },
      

      
    signout(cb) {
      
        fetch("/logout/")
      
            .then(response => {
      
                if (response.status !== 200) {
      
                    console.log("Something went wrong while logging out");
      
                }
      
            })
      
            .then(data => {
      
                this.isAuthenticated = false;
      
                this.isStaff = false;
      
                this.isSuperuser = false;
      
            })
      
    }
      
};
      

      
export default myAuth;





      authentication react.js django jsx




      authentication react.js django jsx






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 2 days ago









      200_success

      127k15148410




      127k15148410










      asked 2 days ago









      M3RS

      1304




      1304



























          active

          oldest

          votes











          Your Answer





          StackExchange.ifUsing("editor", function () {
          return StackExchange.using("mathjaxEditing", function () {
          StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
          StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["\$", "\$"]]);
          });
          });
          }, "mathjax-editing");

          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "196"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f207485%2freact-django-session-authentication%23new-answer', 'question_page');
          }
          );

          Post as a guest























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f207485%2freact-django-session-authentication%23new-answer', 'question_page');
          }
          );

          Post as a guest






































































          -

          Popular posts from this blog

          Сан-Квентин

          Image
          Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но...
          Read more

          8-я гвардейская общевойсковая армия

          Image
          8-я гвардейская общевойсковая ордена Ленина армия Награды: Войска: РККА → Советская армия → СВ России Род войск: Формирование: 1943 Расформирование (преобразование): 1992 Предшественник: 62-я армия (1942—43) → 8-я гвардейская общевойсковая армия (1943—92) → 8-й гвардейский армейский корпус (1992—98) Боевой путь Изюм-Барвенковская операция Донбасская операция Запорожская операция Битва за Днепр Днепропетровская операция Березнеговато-Снигирёвская операция Одесская операция Люблин-Брестская операция Варшавско-Познанская операция Восточно-Померанская операция Берлинская наступательная операция У этого термина существуют и другие значения, см. 8-я армия. Фотография Гвардейского Красного Знамени (лицевая сторона) 8-й гвардейской армии , образца 1943 года. Фотография Гвардейского Красного Знамени (оборотная сторона) 8-й гвардейской армии , образца 1943 года. 8-я гвардейская общевойсковая ордена Ленина армия  — гвардейское фор...
          Read more

          Алькесар

          Image
          Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове...
          Read more