Futurescale, Inc. PureMVC Home

The PureMVC Framework Code at the Speed of Thought

Over 10 years of community discussion and knowledge are maintained here as a read-only archive.

New discussions should be taken up in issues on the appropriate projects at https://github.com/PureMVC

Pages: [1]
Author Topic: noob question  (Read 11502 times)
Posts: 1

View Profile Email
« on: March 15, 2011, 08:18:41 »

Started learning puremvc this week by working though the best practices example to make a working login system. (That pdf is wonderful btw, with each turn of the page comes a new revelation)

I got the login system to work apart from one thing - authToken. Any reference to it I just commented out.

"Set by the server if the credentials are valid". No it isn't :P What type of token? Where do I get it from? How, and when, do I inject it in to the loginVO? (using cflogin against database validation)

I'm sure I'm going to slap my head and go "duh!" once I'm told the solution, but for now my brain is frazzled enough after only two days of getting to grips with the framework.
Global Moderator
Hero Member
Posts: 2871

View Profile WWW Email
« Reply #1 on: March 17, 2011, 10:33:08 »

The example in the Best Practices document is purely notional since it does not have a server side component. The concept with the authToken is that when you make the call to your login service, it would create a unique token to be used in subsequent requests (like a session id). That would be added to the LoginVO returned by the service, and stored by the LoginProxy on the client so that subsequent calls to the server could use that token. Other actors that retrieve the login proxy could tell if you are logged in or not by checking the loggedIn getter on the LoginProxy, which in turn checks to see that an authToken is present. That token can be retrieved directly from the proxy's authToken getter, so other actors don't need to know to get the loginVO and pluck the authToken from it. Once logged in, your other service calls would just need to include that token instead of full credentials.

Pages: [1]