I am having a problem getting Ionic Auth custom login to work in my app using the app's own login form instead of using the inAppBrowser to go to an outside web form. I can successfully log in a user, but the fail function is never called if I enter invalid credentials, etc. I have tested the PHP script and it works, returns the correct info, etc. I have a feeling it has something to do with the redirect_uri or the way I am handling the exception and 401 at the end of the script. Any ideas?
Like I said, the success function works fine. Only when the php script throws an exception does it not trigger the error callback.
Here is my login function.
/**
 * Submits the in-app login form to the Ionic Auth 'custom' provider.
 *
 * @param {Object} userLogin Credentials object collected from the app's login form.
 */
$scope.login = function (userLogin) {
    // The in-app browser is kept hidden so the user only ever sees the app's own form.
    var loginOptions = { 'inAppBrowserOptions': { 'hidden': true } };

    // NOTE(review): the success alert shows the whole response object, which
    // presumably includes the issued token -- looks like debugging output; confirm
    // before shipping.
    function onLoginSucceeded(data) {
        Alert.showAlert('Success', JSON.stringify(data));
    }

    function onLoginFailed(err) {
        Alert.showAlert('Failed:', JSON.stringify(err));
    }

    $ionicAuth.login('custom', userLogin, loginOptions).then(onLoginSucceeded, onLoginFailed);
};
PHP CustomAuth:
<?php
// custom authentication for Ionic Apps
/**
* @param string GET parameter token.
* @param string GET parameter state.
* @param string GET parameter redirect uri.
* @return string Redirect URI.
* @throws Exception
*/
require_once('../vendor/autoload.php');
use \Firebase\JWT\ExpiredException;
use \Firebase\JWT\JWT;
include($_SERVER['DOCUMENT_ROOT']."/connect/config.php");
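// Custom-auth endpoint body: verify the signed token, check the credentials it
// carries against v_311users, then redirect back with a freshly signed token.
// Every failure path ends in the 401 + JSON response in the catch block.
try {
    // All three values come straight from the query string. Only `token` is
    // signed; `state` and `redirect_uri` are plain, caller-controlled parameters.
    if (!isset($_GET['token'], $_GET['state'], $_GET['redirect_uri'])
        || !is_string($_GET['token'])
        || !is_string($_GET['state'])
        || !is_string($_GET['redirect_uri'])) {
        // something failed with the request, should never get here!
        throw new Exception('Missing Parameters', 10);
    }
    $token = $_GET['token'];
    $state = $_GET['state'];
    $redirect_uri = $_GET['redirect_uri'];

    // Checks the HS256 signature against the shared secret; a malformed, forged
    // or expired token throws and is answered by the 401 handler below.
    $decoded = JWT::decode($token, SECRET_KEY, array('HS256'));

    if (!isset($decoded->data->email, $decoded->data->password)
        || !is_string($decoded->data->email)
        || !is_string($decoded->data->password)) {
        throw new Exception('Missing Parameters', 10);
    }
    $email = $decoded->data->email;
    $password = $decoded->data->password;

    // The email is user-supplied (the signature only proves who forwarded it),
    // so it is bound as a parameter instead of being concatenated into the SQL.
    $stmt = mysqli_prepare(
        $dbc,
        'SELECT userID, fname, lname, password, active FROM v_311users WHERE email = ? LIMIT 1'
    );
    if ($stmt === false) {
        throw new Exception('Database Error');
    }
    mysqli_stmt_bind_param($stmt, 's', $email);
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        throw new Exception('Database Error');
    }
    mysqli_stmt_bind_result($stmt, $userID, $fname, $lname, $pw, $active);
    // fetch returns true for a row, null when there is none, false on error.
    $found = mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);

    // NOTE(review): codes 20/30/40 tell the caller whether an email is
    // registered and whether the password was right. If the client does not
    // need that distinction, return one generic failure and log the detail.
    if (!$found) {
        throw new Exception('Account Not Found', 20);
    }
    if (!password_verify($password, $pw)) {
        throw new Exception('Invalid Credentials', 30);
    }
    if ((int) $active !== 1) {
        throw new Exception('Account Not Activated', 40);
    }

    // Create the object explicitly; assigning properties on an undefined
    // variable is an error on current PHP versions.
    $custom = new stdClass();
    $custom->name = $fname . ' ' . $lname;
    $custom->email = $email;

    // Prepared statements return native integers; cast so user_id keeps the
    // string form the text-protocol query produced.
    $payload = ['user_id' => (string) $userID, 'custom' => $custom];
    // Name the algorithm explicitly rather than relying on the library default.
    $token = JWT::encode($payload, SECRET_KEY, 'HS256');

    // NOTE(review): redirect_uri is not covered by the token signature, and the
    // new token is appended to whatever URL was supplied. Compare it against
    // the expected callback (the commented-out value below) and reject
    // anything else before production.
    $url = $redirect_uri . '&' . http_build_query([
        'token' => $token,
        'state' => $state,
        # TODO: Take out the redirect_uri parameter before production
        //'redirect_uri' => 'https://api.ionic.io/auth/integrations/custom/success',
    ]);
    header('Location: ' . $url);
    exit();
} catch (Exception $e) {
    // NOTE(review): this echoes the message of any exception, including ones
    // raised by the JWT library or the database driver. Consider mapping
    // unexpected exceptions to a fixed message so internals are not disclosed.
    header("HTTP/1.1 401 Unauthorized");
    echo json_encode(['error' => $e->getMessage(), 'code' => $e->getCode()]);
}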
?>