User AP - Authenticating user - Get current user OR Is Valid User Session?

To check if there is a logged in user. What is the difference and which is better?

How does a “remember me” box play into either choice?

Tim

Hello @Tim_Jones,

When a user logs in, their user-token is written to Local Storage if he selected “remember me” while doing so. Further, if he closes the browser/application or reloads the page, the object of the user itself does not remain for obvious reasons, but using the “Get Current User” block you can get it, thanks to the saved user-token. If the user-token is already invalid, an appropriate error will be returned by the server. The “isValidLogin” block, in turn, does not return the user, but simply returns true or false, depending on whether a valid token is sent along with it.

Regards,
Stanislaw

Thanks, @stanislaw.grin!

Where is the user-token stored if the user does not select “remember me”?

How does the Get Current User Reload checkbox work against the user-token?

Tim

It is stored in the resident memory of the application itself.

It checks if the user object itself is available and if not, fetches the user object by using the available user-token.

Regards,
Mark

Hello,

I don’t know if this case is possible but what does the Get Current user returns when the user object itself is available but not the user-token ? Does the Get Current user checks if the user-token is present before returning the available (already loaded) user object ?

Also I noticed that when I login with stayLoggedIn to false, the method “isUserSessionValid” returns false while session timeout is disabled in backendless console. Is it normal ?

Thank you

Hello @Seb777

Are you using the UI-builder? If so, please specify the APP ID and the name of the page where it is reproduced.

Regards,
Inna

Hello @Inna_Shkolnaya ,

Here is my app id : DA2B3678-DF10-1BCF-FFF7-32A3F87A6400
After the login page (system container) the user is redirected to the dashboard page (default container) where “isValidUserSession” is called (see method “securityFilter”) on “on Before page Enter” event.

Thank you

Hi @Seb777

I can not find a place where you assign the current user after redirection, is there that place?

I’m asking because when you open your system app to log in it remembers the logged-in user in its memory and when you redirect to the default container it starts a new app which has its own local memory and there is no current user yet. Therefore the isSessionValid returns false.

When you redirect to the default container you need to pass in the query params userId and userToken and then set it to the app

1 Like

Hi @vladimir-upirov

Ok I understand now.

Thank you for the explanation !