Question
I am using the FatFractal Javascript SDK, and I have noticed that the login() function succeeds even for usernames that have not been previously registered with my application. I would like to force users to step through a registration process before having access to my app. Is there a way to restrict login access if a username has not been previously registered on my app's backend?
Edit: Here are some simplified code snippets to help illustrate the problem...
Pertinent variables:
https://stackoverflow.com/questions/14818854
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianff = new FatFractal();
var pword = $("#login-input-pw").val();
var uname = $("#login-input-email").val();
My login function wired to an HTML form:
function login(){
ff.login(uname,pword,function(user){
// do stuff (change page, load data, etc.)
},function(statusCode, responseText){
$("#loginError").html("Error: " + JSON.parse(responseText).statusMessage + ".");
$("#login-input-pw").val('');
});
}
In situations where a username is entered that has not yet been registered with my app, I would expect the ff.login() failure callback function to execute. However, for all new login attempts (obviously, an existing username + incorrect password combo do not work), the success callback function executes, and the user is granted access to the app.
Solution
Out of the box, FatFractal applications allow "auto registration", which is what you're seeing here. That allows a simplified flow on your clients, but isn't always what you want.
To change the behavior, open your ff-config/application.ffdl file. You should see a line like this, near the top:
SET ActivateUsersOnReg true
Change that to false, then redeploy your app, either locally via ffef deploylocal, or to the cloud via ffef deployFFFabric, and you're good to go.
