AJAX XHR2 upload with authentication View previous topic :: View next topic  


NFOHump.com Forum Index - Programmers Corner
Page 1 of 1
PumpAction
[Schmadmin]



Posts: 26759
PostPosted: Tue, 15th Jul 2014 10:36    Post subject: AJAX XHR2 upload with authentication
Previously when uploading a file, I just submitted a form and upon submission I would instantly receive my browsers authentication notice (against Apache, basic auth).

Now I switched to AJAX based uploads with progress and performance display, also without the page refresh at the end of the file upload. Sadly though, the full file gets uploaded, THEN you get the auth notification and then it uploads the file again.

Any idea how I could trigger the auth before? Should I create a dummy connection that would trigger auth before? Is that the official way to circumvent this?

democode:
Code:
function upload(thefile){
   var m;
   if ((m = prompt("Enter a comment"))!==null) {
...
      $.ajax({
         xhr: function() {
            var xhr = new window.XMLHttpRequest();
            xhr.upload.addEventListener("progress", function(evt){
               if (evt.lengthComputable) {
                  var percentComplete = (evt.loaded / evt.total)*100;
                  counter = evt.loaded / 1048576;
                  $progress.text((speed!=0?" (" + speed.toFixed(2) + " MB/s)":""));
                  $pie.css(pieprogress(percentComplete, 24)).attr('title',percentComplete.toFixed(1) + "%");
               }
            }, false);
            return xhr;
         },
         type: "POST",
         url: document.forms["addFileForm"].action,
         data: new FormData(document.forms["addFileForm"]),
         processData: false,
         contentType: false,
         success: function () {
            raiseAlert("success", "File uploaded successfully.", 2500);
            angular.element(document.getElementById('svnlist')).scope().refresh();
         }, complete: function () {
            $busy.fadeOut(300);
            clearInterval(progress);
         }
      });
   }
};

=> NFOrce GIF plugin <= - Ryzen 3800X, 16GB DDR4-3200, Sapphire 5700XT Pulse
Back to top
Werelds
Special Little Man



Posts: 15098
Location: 0100111001001100
PostPosted: Tue, 15th Jul 2014 11:09    Post subject:
No, the correct way would be not to use basic authentication, but do token based authentication in a (session) cookie Wink

The second best way is to have a login form and construct the Auth header in JS from those values. I.e. what this guy was doing: http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-and-jquery-and-ajax
Back to top
PumpAction
[Schmadmin]



Posts: 26759
PostPosted: Tue, 15th Jul 2014 12:40    Post subject:
Anonymous access is a must in our tool and only for specific tasks auth is required.

Thanks for the suggestion, I think that option two is what I will use Smile

=> NFOrce GIF plugin <= - Ryzen 3800X, 16GB DDR4-3200, Sapphire 5700XT Pulse
Back to top
PumpAction
[Schmadmin]



Posts: 26759
PostPosted: Mon, 6th Oct 2014 19:16    Post subject:
I was able to circumvent the problem by simply sending a dummy post message which triggers server side authentication mechanism in the client browser Smile Depending on the returned value the authentication is then accepted and the file actually uploaded.

=> NFOrce GIF plugin <= - Ryzen 3800X, 16GB DDR4-3200, Sapphire 5700XT Pulse
Back to top
Page 1 of 1 All times are GMT + 1 Hour
NFOHump.com Forum Index - Programmers Corner
Signature/Avatar nuking: none (can be changed in your profile)  


Display posts from previous:   

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group