User Sessions
Unauthenticated and Unauthorized requests
introduction with the socratease library, you can explicitly specify the path that you want it to load because socratease is a front end library, the user can modify the path to something they shouldn't be allowed to access (for instance, imagine a teacher created a quiz, and a student loaded the path which shows the list of questions and answers ) to solve this, socratease has access management built in it uses the username key that you initialize the socratease library with to decide whether the requested resource should be returned or not code const options = { "config" { "login url path" "/account/login", "next url keyword" "next url" } } unauthenticated & unauthorized unauthenticated if to access a requested resource, a user needs to be logged in (say a quiz can only be accessed by logged in users), and you initialize the library with username=null , the socratease server will return a 401 response it will then automatically redirect the browser to your property's login management page you can specify this url with the login url keyword in the config key within the options docid\ y71gy6d17 sulyuo5jwve dictionary further, with the next url keyword key, socratease can append a url parameter to login url path you can set up your login management system such that it reads this parameter and then redirects the user to this url after successful login for example, let's say that the user visits yoursite com/learning/quiz 1 the user is not logged in, and the url requires the user to be logged in imagine you have set login url and next url keyword as shown in the example above the user will first be redirected to yoursite com/account/login?next url=yoursite com%2flearning%2fquiz 1 next url is the url encoding of the original url requested by the user your login management system can now redirect the user to yoursite com/learning/quiz 1 and because the user is now logged, she will be able to access quiz 1 unauthorized even if a user is logged in, they may be restricted from accessing certain resources (like the student accessing the questions) in this case, the socratease server will return a 403 response it will show a screen saying that the user doesn't have permissions to access that page/resource