You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jul 12, 2020. It is now read-only.
Copy file name to clipboardexpand all lines: README.md
+13-11
Original file line number
Diff line number
Diff line change
@@ -1,4 +1,4 @@
1
-
# redux-http-basic-auth-example
1
+
# Redux HTTP Basic Authentication
2
2
3
3
When an app communicates with a HTTP API, which enforces some form of authentication, the app typically follows these steps:
4
4
@@ -9,11 +9,9 @@ When an app communicates with a HTTP API, which enforces some form of authentica
9
9
5. If the token/ hash does not work during any of the subsequent API requests (401 - Unauthorized), we'll need to invalidate the hash/ token and prompt the user to log in again.
10
10
6. Or, on failure (401 - Unauthorized): We display an error message to the user, prompting them re-enter their credentials.
11
11
12
-
Based on the work flow defined above we start our app by displaying a login form, _step 2_ kicks in when the user taps the login button... Dispatching the `login` action creator:
13
-
14
12
# Logging In #
15
13
16
-
Let's jump into some code:
14
+
Based on the work flow defined above we start our app by displaying a login form, _step 2_ kicks in when the user taps the login button... Dispatching the `login` action creator, let's jump into some code...
17
15
18
16
```
19
17
/// actions/user.js
@@ -45,9 +43,10 @@ export function login(username, password) {
45
43
})
46
44
.then(
47
45
data => {
46
+
// data = { authenticated: true, user: 'admin' }
48
47
// We pass the `authentication hash` down to the reducer so that it
49
48
// can be used in subsequent API requests.
50
-
// data = { authenticated: true, user: 'admin' }
49
+
51
50
dispatch(loginSuccess(hash, data.user))
52
51
},
53
52
(response, data) => dispatch(loginFailure(data.error || 'Log in failed'))
@@ -63,7 +62,7 @@ The first thing we do is dispatch an action creator:
63
62
```
64
63
dispatch(loginRequest())
65
64
```
66
-
Which results in our state letting us know that the user `isLoggingIn`. We use this to display an activity indicator (_spinning wheel_), and to disable the log in button in our log in view.
65
+
Which results in our store letting us know that the user `isLoggingIn`. We use this to display an activity indicator (_spinning wheel, "Loading...", etc._), and to disable the log in button in our log in view.
67
66
68
67
Next we base64 encode our credentials, and setup a fetch request.
69
68
```
@@ -79,18 +78,18 @@ Everything went well, so we...
79
78
```
80
79
dispatch(loginSuccess(hash, data.user))
81
80
```
82
-
Our `LOGIN_SUCCESS` action results in the `hash`been stored in our state, which will be used in every subsequent request.
81
+
Our `LOGIN_SUCCESS` action results in us having an authentication `hash` in our store, which we'll use in subsequent requests.
83
82
84
83
If something went wrong then we want to let the user know...
85
84
```
86
85
dispatch(loginFailure(data.error || 'Log in failed')
87
86
```
88
87
89
-
_The `loginSuccess`, `loginFailure`, and `loginRequest` action creators are fairly generic and don't really warrant code samples. (See `actions/user.js`)_
88
+
_The `loginSuccess`, `loginFailure`, and `loginRequest` action creators are fairly generic and don't really warrant code samples. (See `[actions/user.js](https://github.com/peterp/redux-http-basic-auth-example/blob/master/actions/user.js)`)_
90
89
91
90
### Reducer ###
92
91
93
-
Our reducer is fairly typical, simply updating our store for each action it receives.
92
+
Our reducer is also typical:
94
93
95
94
```
96
95
/// reducers/user.js
@@ -126,8 +125,9 @@ function user(state = {
126
125
127
126
# Subsequent API requests #
128
127
129
-
We now have an authentication hash in our store, which we can use in subsequent action creators on requests.
128
+
Now that we have an authentication hash in our storewe can use it in subsequent action creators, passing it in to requests.
130
129
130
+
In our example below we're fetching a list of friends for our authenticated user:
131
131
```
132
132
/// actions/friends.js
133
133
export function fetchFriends() {
@@ -169,6 +169,7 @@ export function fetchFriends() {
169
169
170
170
You'll find that most API requests typically dispatches the same 3 actions as above: `API_REQUEST`, `API_SUCCESS`, and `API_FAILURE`, and as such the majority of the request/ response code can be pushed into [middleware](https://github.com/reactjs/redux/issues/99#issuecomment-112198579).
171
171
172
+
We fetch the hash authentication token from the store and setup the request.
We fetch the hash authentication token from the store and setup the request. If our API requests with a 401 unauthorized status code then we've got to remove our hash from the store, and present the user with a log in view.
181
+
182
+
If the API response with a 401 unauthorized status code then we've got to remove our hash from the store, and present the user with a log in view again.
181
183
```
182
184
// did our request fail because our auth credentials aren't working?
0 commit comments