Question

Disable Oauth Google authentication locally

1

Hi all, I am implementing the Oauth module for signin into my application with Google authentication. Thus far no problems. The problem comes with the fact that, locally, we want to be only able to sign in with a 'normal' Mendix account (not only MxAdmin) and in the cloud we want to only sign in via Google authentication. I see three options, from which I implemented the least nice one, namely adding some 'display: none' behaviour to the two different Nodes (one for Google login and one for Mendix login) and conditionally not displaying them based on the fact that there is 'localhost' in the window.location. See below. Two better options would be: Hiding based on a boolean constant in the Modeler Show a different index.html page based on this boolean constant in the Modeler Does anybody know how to implement either one of those solutions, or have even a better solution? My implemented solution: var loc = String(window.location); var str = loc.valueOf(); var match = str.indexOf("localhost"); var hidenode; if (match > 0){ hidenode = document.getElementById("oauth"); } else { hidenode = document.getElementById("content"); } if (hidenode){ hidenode.style.display = 'none'; hidenode.style.height = '0px'; }

asked 2015-04-08

Ivo Sturm

3 answers

0

Use login-default.html locally and remove this file from cloud.

Edit: You can change the login-default with the javascript you mentioned: (pseudocode) if not localhost then redirect

answered 2015-04-08

Chris de Gelder

0

Ivo,

I use the option that Chris stated. Locally I have users for which I know the passwords, in the cloud the users have scrambled passwords in the app (30 char random). This way using the login-default.html will not allow users to access the application. Although this is a good method for non-production environments I personally remove the file when creating a deployment package or deploying directly to the cloud, as this is the most secure way of working.

answered 2015-04-08

Erwin 't Hoen

Erwin 't Hoen · Accepted Answer · 2015-04-09

Ivo,

You could add the follwoing script to the index-default.html file in the head section:

    <script language="javascript" type="text/javascript">
     <!--

     if (window.location != "http://localhost:8080/index-default.html"){
     window.location="http://<your site name>";
     }
     // -->
 </script>

Then when the index-default.html is accessed from your cloud site the window location would not be the one stated in the script and the user will be automatically redirected to the standard url and use OAuth. When you are accessing the index-default.html from the localhost you'll have the standard login.

Hope this helps in easy deployment of your app using OAuth.