User Login | OutSystems

Muhammad Faiq Roslan

Solved

User Login

Question

Currently, I have 2 different applications. Let's call it App A and App B. App A is the frontend part where consists of modules for frontend part. App B is the backend part where I for the server actions and consume external API. In App A for login part using oauth 2, I call server action from App B for 'Initialize Callback' where it should run 'Login' action. The 'Login' action is in App B. My issue is, when it creates or update user in App B, I can't get the user Id using GetUserId() from App A. It seems like App A have not do any login processes. This issue makes the current user is not registered.

14 Sep 2024

Kerollos Adel

Champion

Solution

1. Login Context Across Multiple Apps:

OutSystems treats user sessions separately for each application. When your Login action runs in App B, it authenticates the user in App B but doesn't automatically authenticate the user in App A.

To solve this, you'll need to make sure that the login process happens in both applications or ensure a shared authentication context.

2. Propagating the Login Session to App A:

Since you're using OAuth 2.0, the process would generally look like this:

Step 1: User is redirected to an external OAuth 2.0 provider.
Step 2: OAuth callback is handled in App B (where your backend and server actions reside).
Step 3: After a successful authentication in App B, you need to "login" the user into App A.

Here’s how you can address the issue:

Trigger a Login in App A: After completing the OAuth authentication in App B, you need to explicitly trigger the login in App A. This can be done by calling the Login action in App A once you receive the user's details from App B.
Pass User Data Across Apps: You can pass the necessary user data (like UserId or JWT token) from App B to App A using query parameters or session storage, then use it to log the user into App A.

3. How to Implement It:

Here's a more concrete approach you can implement:

In App A:
- After the OAuth callback is initialized in App A (the Initialize Callback action), get the token or user info from App B via API or server action.
- After getting the token from App B, use the Login server action in App A to authenticate the user.
In App B:
- Your OAuth handling and user creation/updating logic remain in App B, but when a user is created or logged in, send the session or user data back to App A (this could be via URL redirection with tokens or API).

4. GetUserId() Doesn't Return the User ID:

The function GetUserId() works based on the current user's session. In your case, it likely isn't returning anything because the user hasn't been logged in to App A after the OAuth process in App B.

To fix this:

Ensure that App A successfully logs in the user after receiving the OAuth data from App B.
Once the user is logged in App A, GetUserId() will return the correct ID.

Additional Considerations:

Single Sign-On (SSO): Consider implementing Single Sign-On (SSO) if you're managing user authentication across multiple apps. This ensures that a user authenticated in one app (App B) is also logged into the other app (App A) without needing to trigger another login.
Session Management: Ensure that session cookies or tokens are shared between both apps if they're on the same domain, or handle cross-domain session persistence securely.

See solution in context

15 Sep 2024

Abhinav Shilwant

Hi @Muhammad Faiq Roslan,

It seems like the issue you’re facing is due to the context of the login process being split between App A (frontend) and App B (backend). Since GetUserId() retrieves the ID of the logged-in user based on the session in the current application, and you’re executing the login in App B, App A doesn’t recognize the login session.

Here are a few things you can check or try:

1) Session Synchronization:

Ensure that both App A and App B are part of the same session context or shared environment. If App A and App B are considered separate applications in OutSystems, they may not automatically share session states like user authentication.

2) SetUser Action:

After calling the Login action in App B from App A, you might need to manually set the user session in App A. Use the SetUser action in App A to reflect the logged-in user after the login process is handled by App B. You can pass the user credentials from App B back to App A for this purpose.

3) Ensure Callback Completes Properly:

When you use OAuth 2 for login, ensure that the callback process is fully completed in App A. Sometimes, the callback might not register the login if the process between the apps isn’t handled correctly, especially if session information isn’t propagated properly.

4) Cross-App Communication:

Ensure that App A can access relevant session data from App B. If these apps are on different domains or contexts, you may face issues with the propagation of the login session. You might need to use cookies or shared session techniques if both apps operate in different environments.

This should help point the user in the right direction for handling login processes across multiple applications in OutSystems. Let me know if you need any further adjustments!

15 Sep 2024

Kerollos Adel

Champion

Solution

1. Login Context Across Multiple Apps:

OutSystems treats user sessions separately for each application. When your Login action runs in App B, it authenticates the user in App B but doesn't automatically authenticate the user in App A.

To solve this, you'll need to make sure that the login process happens in both applications or ensure a shared authentication context.

2. Propagating the Login Session to App A:

Since you're using OAuth 2.0, the process would generally look like this:

Step 1: User is redirected to an external OAuth 2.0 provider.
Step 2: OAuth callback is handled in App B (where your backend and server actions reside).
Step 3: After a successful authentication in App B, you need to "login" the user into App A.

Here’s how you can address the issue:

Trigger a Login in App A: After completing the OAuth authentication in App B, you need to explicitly trigger the login in App A. This can be done by calling the Login action in App A once you receive the user's details from App B.
Pass User Data Across Apps: You can pass the necessary user data (like UserId or JWT token) from App B to App A using query parameters or session storage, then use it to log the user into App A.

3. How to Implement It:

Here's a more concrete approach you can implement:

In App A:
- After the OAuth callback is initialized in App A (the Initialize Callback action), get the token or user info from App B via API or server action.
- After getting the token from App B, use the Login server action in App A to authenticate the user.
In App B:
- Your OAuth handling and user creation/updating logic remain in App B, but when a user is created or logged in, send the session or user data back to App A (this could be via URL redirection with tokens or API).

4. GetUserId() Doesn't Return the User ID:

The function GetUserId() works based on the current user's session. In your case, it likely isn't returning anything because the user hasn't been logged in to App A after the OAuth process in App B.

To fix this:

Ensure that App A successfully logs in the user after receiving the OAuth data from App B.
Once the user is logged in App A, GetUserId() will return the correct ID.

Additional Considerations:

Single Sign-On (SSO): Consider implementing Single Sign-On (SSO) if you're managing user authentication across multiple apps. This ensures that a user authenticated in one app (App B) is also logged into the other app (App A) without needing to trigger another login.
Session Management: Ensure that session cookies or tokens are shared between both apps if they're on the same domain, or handle cross-domain session persistence securely.

15 Sep 2024

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.

See the full guidelines