1

Is there any way to encode api response from java and decode same in angular js when we read that response?

Here is detailed description, I have java code which sends an OTP to user mail after clicking login button and user has to enter the same for authentication. When I call api to send otp from angular js code that api is returning otp in response, which is required to verify whether user entered correct otp or not. issue is i can see otp by inspecting element in networks.

Can any one one tell me is there any way to hide response in networks or

  1. get OTP(which is generated in java code and sent to mail) in angular js with out api call

  2. or any built in methods/class which is compatible in both java and js

Improve this question
5
  • There isn't anything developer can't do Commented Jan 17, 2018 at 14:47
  • Don't see why you need to return the otp in response to angular in the first place. Just store it server side Commented Jan 17, 2018 at 14:54
  • A (more) secure approach would be to encrypt and temporarily store the OTP on the server (user's HTTP session, etc.) and not send it back to the client. The login attempt checks against the stored password on the server. Commented Jan 17, 2018 at 14:55
  • For people who doesn't know, OTP is the acronym of One-Time Password. en.wikipedia.org/wiki/One-time_password Commented Jan 17, 2018 at 15:18
  • yes using httpsession i am able to do.thank you all Commented Jan 17, 2018 at 18:41

2 Answers 2

Reset to default
1

You cannot really hide network packets but you can change the direction of packet: It's better to send OTP from client to server and let server check if OTP is correct or not.

Step by step:

Client                  Server                     Mail
|     Request OTP Auth     |                          |
|------------------------->|                          |
|                          |                          |
|                          |     Send OTP by email    |
|                          |------------------------->|
|      ACK Response        |                          |
|<-------------------------|                          |
|                          |                          |
|      Send user OTP       |                          |
|------------------------->|                          |
|                          |                          |
|   Valid or Not Response  |                          |
|<-------------------------|                          |

To implement this, you could use user's HTTP sessions or Key/Value systems like redis.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You can encode your response with Base64 encoding in java and decode it with atob() in angular. The atob() is a js function that decodes a base-64 encoded string.

If your api response is in JSON, you can first use ObjectMapper in java to convert the object into String before applying the base 64 e.g

Java

ObjectMapper mapper = new ObjectMapper();
            
try {
                
String mechant = mapper.writeValueAsString(service.accounts(id));
String mechantEncoded = Base64.getEncoder().encodeToString(mechant.getBytes());
}catch(Exception et){}

Note: object.toString() will not give you the string value of the object.

Angular

this.mechant = JSON.parse(atob(response.data));
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.