Hi @ephemorality it's unclear exactly what your requirements are, but it sounds like you need to call
context.user.getIdentity (API ref). Let me know if this is not what you require.
@danderson00 when a user signs in, there is a POST to
https://mytenant.aazurewebsites.net/.auth/login/aad/callback, and then a redirect to the url in post_login_redirect_uri. i'll definitely need to call context.user.getIdentity, but not sure where/how to do so after the POST and before the redirect?
Unfortunately this is part of the auth flow implemented in Azure Web Apps - we don't have direct control over the flow, though you could possibly use a custom redirect and a custom express route to handle it. Is there any reason why the getIdentity call needs to happen before the redirect? My understanding is that you want some sort of callback to occur after a login?
i have a middleware that is adapted from / similar to this one: https://github.com/adrianhall/30-days-of-zumo-v2/blob/day-22/blog-code/backend/authMiddleware.js
since i really want to run this logic only once per user, after the user's first authentication, i was looking for a way to do that explicitly. but maybe it's fine to just wait and run the logic in the "user exists but is not yet cached" scenario in that middleware?
btw, the larger goal here is arbitrary linked identities, so maybe there's a different approach altogether to accomplish that?
when dealing with tables req.azureMobile.tables('tablenamehere').read()..... is there a way to only select certain columns instead of selecting the whole record. I remember the deprecated azure mobile services had this feature without using straight sql statements. Is there equivalent readable documentation for the azure-mobile-apps related to sql / table operations other than https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-html-how-to-use-client-library
@togonow don't know the answer to your question but i did find api docs linked here: https://github.com/Azure/azure-mobile-apps-node#documentation--resources
found it. I simulated the same pattern based on the deprecated azure-mobile-services from https://msdn.microsoft.com/library/azure/jj613353 req.azureMobile.tables('tablenamehere').select('id', 'firstname', 'lastname').read() and i only got the needed columns. @ephemorality Thanks for the reference, but unfortunately the documentation is not very thorough into the details of azure queries / options etc... @danderson00 Can we have an updated reference same as azure mobile services specially i noticed that the azure-mobile-serivces documents has been removed from the support site. I was able to find the link of the deprecated function above hidden deep in ChrisRisner.com page: http://chrisrisner.com/Common-Scenarios-with-Windows-Azure-Mobile-Services which has been very helpful to many of us
globally
and wanna add db query logging as well
wanna change expiresInMinutes
?
thanks trying the same
for 5 mins
need to add 5 only right ?
looking some solution which can serve using code commenting :)
does not work :(
this is my code
var context = req.azureMobile;
var validateAuth = auth(context.configuration.auth);
// Validate api-key header against environment variable.
if(req.get('x-zumo-auth') !== undefined && validateAuth.validate(req.get('x-zumo-auth'))){
i want 5 min token
Sorry for responding so late, it's been crazy busy here. Looks like you sorted out most of the issues. As far as getIdentity goes, you could certainly cache the values in memory; there would be little benefit in caching them to a database as they are cached on the server anyway, the call made by getIdentity is light-weight.
With token expiry, the tokens are actually minted by the Azure Web Apps authentication ("EasyAuth") as opposed to the Mobile Apps SDK. Just checking with the Easy Auth team if this can be customized.
@togonow Thanks for the link to Chris' page. I'll send it to our docs people and see what we can come up with.
the idea is to store an id in an AAD B2C custom property, and use that for "personal table" authorization rather than the user's id/email. then i can link other arbitrary users so that any users with the same id in the custom property have the same authorization. does that seem like a reasonable approach for linking arbitrary identities (or are you aware of a better approach)?
@ephemorality That sounds reasonable. I was considering a similar approach for implementing data security / sharing, i.e. having a custom claim in the JWT token.
that is, is stateless auth possible with a node Azure Mobile App + AAD B2C?
@danderson00 seems something like this page is missing from the azure app service sdk
looks similar to what's here, no?: https://azure.github.io/azure-mobile-apps-node/module-queryjs_Query.html