Authentication using nodejs server for jsreport



  • Hi, Can a git-repo of using nodejs-server for secure call to jsreport odata templates be uploaded. I wanted to figure out using Official example but i couldn't. It says to send the header to jsreport API but how do we get the authenticated header from our server using jsreport authentication api. An example in nodejs as well would be a lot helpful.

    As far as i can understand, I have to create an express app which has token based authorization. With that token i have to authenticate jsreport. Which url of jsreport do i hit with that token to get the token from the jsreport which will then be used to access the jsreport templates.


  • administrators

    hi! first clarify me something, do you want to implement single sign on with jsreport? or do you just want to authenticate calls to jsreport? both are different, and the focus of that example is Single Sign On, which can be confusing if you are just looking to authenticate calls to jsreport.

    also, do you want to make secure calls to get a list of templates in jsreport? or do you want to make secure call to render reports? or both?



  • Hi, thanks for connecting on short notice. I would like to authenticate calls to jsreport, probably to post, get and edit odata templates in jsreport. Thanks :)


  • administrators

    i see, unfortunately we don't have examples that show how to deal with templates (read, create, delete, update) outside of jsreport, but all is possible using http request (using OData format). you can find the best examples in jsreport-studio source code.

    do you want to help to create such examples? 😀 if you can create a repository with some functions that expects to interact with the jsreport API, i can complement by making all the http calls correctly authenticated and reviewing the format of the request.



  • @bjrmatos , i have already done the CRUD with http request. However, i would like to authenticate the calls to jsreport API, right now the odata templates are all public. Do we have something in jsreport with which we can authenticate the calls or do we need to make our own authentication for the calls.



  • Maybe this could help....

    If you are searching for the simple basic authentication, you can just enable this extension.
    https://jsreport.net/learn/authentication

    If you run your node.js express application with embedded jsreport and want to provide your custom authentication layer on top of the jsreport, you should take a look at this docs. You then only need to add your own auth middleware before initializing jsreport.
    https://jsreport.net/learn/adapting-jsreport#attach-to-existing-express-app



  • @jan_blaha I have read the https://jsreport.net/learn/authentication but couldn't understand how we could implement it, so was hoping to have a nodejs examples along with the guide.

    I will have custom authentication to the url that i am using. And, just close the port to public that gives access to public templates. Thanks for the reply



  • I see, we need to restructure this doc a bit.

    The usage in node.js can look as this

    var jsreport = require('jsreport')({
    "authentication" : {
        "cookieSession": {
            "secret": "dasd321as56d1sd5s61vdv32"        
        },
        "admin": {
            "username" : "admin",
            "password": "password"
        }
    })
    jsreport.init()
    

    Or add the authentication config property to your jsreport configuration file
    https://jsreport.net/learn/configuration



  • FYI the docs has been restructured to make the simple use case more obvious



  • @jan_blaha Yes, i followed the structure, and it helped a lot. But seeing all the information at a single standing confused me as a starter noob. So, it asks for the auth header which is the base64 encode of username and password authentication, which is really basic. With the firewall protection to the nodejs server, it is pretty secure. Thanks for the reply.
    It is just a suggestion but adding a code example would help to rather figure out things and play out with codes; better than seeing a written instruction.



  • I understand your point. However one aspect you could be missing is that the most of the jsreport users and use cases are unrelated to node.js. Adding the examples written in node.js would be confusing for them. That is why we stick in docs mainly with static config examples. The nodejs developers should read the node.js docs(https://jsreport.net/learn/adapting-jsreport) which explains how to pass the configs right through code.


Log in to reply
 

Looks like your connection to jsreport forum was lost, please wait while we try to reconnect.