Implementing User Logins in an RdbHost app.

The rdb2-authenticate.js module provides methods to log users in to your app, using either the traditional userid/password combo, or third-party logins such as Login-by-Twitter.

You add logins by including the module in your app, and then calling the relevant modules. The necessary server side changes are done for you by the module, when you first test the code.

Third Party Logins

Using third-party logins involves two methods, one that runs on page load, and the other is an event handler reacting to the user's decision to login. Third party logins involve redirecting the browser to a third-party, which redirects back. The event handler method starts the sequence of redirecting out and back, and the on page load method handles the final stage of login when the page reloads at the end.

The two methods would be included like:

var p = Rdbhost.Authenticate.confirm_fedauth_login();
return p.then(function(userData) {
  app.user = userData.issuer + userData.identifier;
  app.key = userData.key;

  var p1 = R.preauth().query(
      "SELECT profile::json->>'email' AS email \n" +
      "  FROM users u JOIN auth.fedauth_accounts o \n" + 
      "                  ON u.idx = o.idx \n" +
      "WHERE o.issuer = %(issuer) \n" +
      "  AND o.identifier = %(ident)s \n" + 
      "  AND o.key = %(key)s; ").
    .params({'ident': userData.identifier, 
             'key': userData.key, 
             'issuer': userData.issuer})

    return p1.then(function(d) { = d.result_sets[0].records.rows[0].email;

$('#facebook-login').click(function(evt) {
  // does not return;

The Federated Identity login process provides a unique user identifier and issuer name (Twitter, Facebook, etc); getting the user's email requires an additional step. The issuer name and identifier together constitute a unique user identity.

There is no separate registration for third-party logins, as the user is registered automatically upon first login.

Password Logins

Using password logins also involves two methods, one to register users, and one to log them in.

The first registration method involves just plugging the userid and password into the user tables; not very sophisticated. The second involves storing the user's email (which is also their userid) in the user tables, and sending them an email with the server-generated random password.

var p = Rdbhost.Authenticate.register_password_login(userid, password);
return p.then(function(d) {
    // user can login now
  .catch(function(e) {
    // some error occurred. e is an Error object.


var p = Rdbhost.Authenticate.register_login_with_email(email);
return p.then(function(d) {
   // user should check email for welcome message
.catch(function(e) {
   // some error occurred. 

For either registration method, the user actually logs in with:

var p = Rdbhost.Authenticate.password_login(userid, password)
p.then(function(userData) {
   app.user = userData.identifier;
   app.key  = userData.key;
.catch(function(e) {
   console.log('Error '+e.message);

The userData.key value is a random value that should be stored in a cookie or sessionStorage and used to authenticate user id in queries.


For either Federated Login or Password Login, the initial test will setup the server-side tables and functions required. This will involve interactively asking for your RdbHost login and password, to authorize making those server-side changes.

demo page
RdbHost rdb2-authenticate.js page
source code on

comments powered by Disqus