Monday, October 4, 2021
Custom User Login Responses

 The introduction of the 2-Factor Authentication in the application framework has required changes to the login process. The framework challenges the users to enter a verification code to confirm their identity. Method CreateUserLoginResponse(username, success)  in the ApplicationServices partial class creates the JSON object with the instructions for the client-side code when the verification is needed.

Developers can take advantage of the new method to provide custom responses informing the user about the remaining login attempts, locked account, and other special cases. Otherwise the framework displays a generic message “Your user name and password are not valid.”

The sample code below will let the user name if the account is locked or display a notification at the bottom of the screen. The code executes only if there is no login response created by the base implementation to avoid conflicts with the multi-factor authentication.

Invalid username or password will yield a notification message when the JSON object with the notify property is returned.

A more prominent response is provided if the responses includes the alert property.

If the event property is returned in the response, then the framework will raise the client-side event on the document object with the response passed as the args property of the event. 2FA implementation uses this method to pass extended information to the client library.