i don't think you missed anything. i haven't seen a ready-made solution and had to write my own.
btw.. your steps seem to be missing something, because anyone can log into your application. by login functionality do you mean retaining session? or actually creating an account and getting authentication? On May 31, 8:46 am, Kasper Hansen <kbhdk1...@gmail.com> wrote: > Hi, > > Im wondering what's the best way to do a login functionality. I'm > using GWT and GAE, and I can't use openID or Google Accounts (my app > relies on phonenumber + pincode). > > I've built a Composite with the two boxes and a button for logging in, > and on the server I would normally store a flag in the session that > the user is logged in. However, when someone kicks the server, the > user has to log in again, which is a pain, so session-only coding is a > no-go. > > What's the best way to do this ? I can of course code everything myself, like > > 1) verify that the user exists > 2) hash the pin + the time > 3) store the time and the hash in the db and set the flag in session > 4) encapsulate all server commands, so that the hash is being re-sent > (by db lookup), if (for some reason) the server has been kicked and > the session lost, or navigate to the login composite, if the hash has > expired > > It just seems like a lot of work, for something that should be > standard. What have I missed in the docs ?? > > Cheers -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
