Javascript Token based authentication for multiple domains.

$250-750 USD

Completed

Posted

almost 7 years ago

$250-750 USD

Paid on delivery

We need a scalable solution to authenticate the user from our php web application and store the token with the client via the browser. We need other websites on other domains with our javascript to be able to read the token so the javascript can send it in a restful API call. Our problem is that we are storing the token in a cookie which has built in protection from other domains accessing cookie data (the token) on another domain. It is this security measure that we need to overcome or work around. Our current work around is to send the client with the token to each domain but this is not a scalable solution. The solution must be achieved with javascript and without access to headers or other server side mechanisms with exception being to our main site. We of course can make modifications there. Communication and attention to detail is critical in this project so please begin your proposal with the phrase "One giant leap" so that we know you have fully read and understood the requirements. Our best hope is that the solution might be achievable through the use of "JWT" and "localStorage". Project will be completed when we can use the provided scalable solution to pass data from domain to domain via javascript.

Project ID: 13352591

About the project

29 proposals

Remote project

Active 7 yrs ago

Looking to make some money?

Email address

Benefits of bidding on Freelancer

Set your budget and timeframe

Get paid for your work

Outline your proposal

It's free to sign up and bid on jobs

Awarded to:

@istvanc5

One giant leap Hi there! My proposed solution would indeed use the browser's localStorage. I would use your main server as the authentication server (probably the role you're using it now). The server would issue a JWT after auth and store it in localStorage. The other websites would have an iframe containing the auth server's url that reads the JWT and sends message to the page. Please let me know if you're interested. Best Regards, Istvan PS. I have little history here. I have more reviews on my UpWork page at [login to view URL]~01b83853b885fb74c3

$310 USD in 4 days

5.0

(2 reviews)

3.5

29 freelancers are bidding on average $662 USD for this job

@meet2amitvw

Let's discuss more about project to finalise the proper scope with estimated cost and time so ping me over the freelancer chat.....I will share some demo as well for recent works if you want to check. You can also check my profile page as i have more than 32% Repeat Hire Ratio..so i work as long term basis...

$721 USD in 10 days

5.0

(162 reviews)

9.3

@zainy01

Hi! I've seen your requirements, I m interested in it, I'm experts in PHP(laravel,cakephp,CI,Zend) for Server side. tons of experience in developing and integration SOAP and Restful API Development token based using laravel framework. Note: Please reply back if you are interested in my bid, I'll let u know cost and time of this project. My Bid Cost will change once we discuss the project and I'll qoute you reasonable Price, current Bid is 75% of your maximum budget which is not right cost.

$562 USD in 10 days

5.0

(118 reviews)

7.8

@Chtioui86

Hi I am expert web developer i can do your solution using Javascript only and will fast and in a professional way. No payment until i finish your work. I can start right now Price and Time will depend to the full details and changes Thanks

$789 USD in 10 days

5.0

(280 reviews)

8.0

@extreamcode

HI, I can assist you with this Project. Here is a sampling of the few of my work contained at my portfolio: https://www.freelancer.com/u/extreamcode.html This is a placehoolder bid, I would be able to quote final price and time after discussion. I highly value professionalism and hold myself strictly accountable to my clients. I aim to form a long-term working relationship. Please, let me know what is needed to secure this bid! Thank you for your consideration. Asad Sajjad

$555 USD in 10 days

5.0

(75 reviews)

7.5

@AleenaIlyas

Hello, I have read what you exactly need, however I would like to ask you a few questions. I do work smart and do not rest until I get the job done. Please feel free to ping me anytime so we can have a detailed discussion and finalize our budget and timeline. I will deliver in best possible way. Thank you.

$555 USD in 10 days

5.0

(29 reviews)

7.2

@prashushinde9

Hello, I want to discuss this project with you further, let me know the best suitable time for you to schedule the meeting, Feel free to message me at any time, i used to be online 14 hrs in a day on this website so probably you will get a quick response from my end.. Lets proceed our conversation in chat. Thanks.

$773 USD in 15 days

4.8

(54 reviews)

7.1

@mike199

Hi, my name is Mike, I’m based in Oxford, UK. Your project description sounds interesting to me and I do have skills & experience that are required to complete it to a high standard. I can show you some examples of my work that are similar to this. Let me know when you’re available to go through it in more details.

$555 USD in 10 days

4.9

(47 reviews)

6.9

@Shopify

Hi, I (Myself a senior PHP Developer) have a team having experience of more than 10 years in developing web and mobile applications. I have a team of expert programmers who write robust and bug-free codes at the very first instance. After seeing our quality of work and the cooperation offered to you even after the work has been delivered to you, you’ll come to us again and again to avail our services. I read through the job details extremely carefully and I am absolutely sure that I can do the project very well. I can achieve the results that you are asking for within your timeframe and budget. I am confident I can exceed your expectations and I would love to work on your project. Warm Regards ~Team Shopify

$721 USD in 10 days

5.0

(29 reviews)

6.9

@oxceanweb

"One giant leap" Hii, Can we have a quick chat for the better mutual understanding of requirements? Looking forward to your response. Thanks and Regards, George ( Sr. Programmer )

$555 USD in 10 days

5.0

(25 reviews)

6.1

@kripanidhi

I WILL USE "JWT" and "localStorage" for Javascript Token based authentication for multiple domains. COST WILL BE STRAIGHT : 500$ TIMELINE : 10 DAY Waiting to hear more from you Thanks :)

$555 USD in 10 days

4.8

(54 reviews)

5.8

@ludiac

Hi, We have reviewed your project details and have understood the requirements. We have expert resources of JS to complete this job. We can share our portfolio with you via chat. Thank you.

$605 USD in 10 days

4.9

(24 reviews)

6.0

@Michal1986

One giant leap Hello Sir, The only solution what I can think of is using access_token like e.g. Facebook, which means adding it to the url. Each user has his own user_token, he can use that token to get real access_token which is saved to database and from now he can use that second token to make api calls Of course that second access token should hav some expire_time and also it should be removed from database when user logs out of application. Can't think of anything else than that.

$866 USD in 10 days

5.0

(22 reviews)

5.6

@schoudhary1553

Greetings sir, i am an expert freelancer for this job and your 100% satisfaction is assured if you allow me to serve. Here is the reason. Why you should pick me? a) I am a very expert and have the same kind of experience of 5 years. b) I work very hard (16+ hours a day and 7 days a week) and also very fast so... it will be done very soon than most of the other providers c) And most important part is my policy: "I will give you (to my client) life time support (as long as you keep relation with me). And fix any bugs/problem without any cost. So, don't ever worry about me” Please sir, leave a reply ASAP, as I am waiting for your kind reply

$750 USD in 8 days

5.0

(29 reviews)

5.3

@ZawnTechnologies

Hi there! I have read what you exactly need, however I would like to ask you a few questions. I wouldn't call myself a master but I do work smart and do not rest until I get the job done. Please feel free to ping me anytime so we can have a detailed discussion. If I can deliver I will deliver in best possible way. Thanks

$555 USD in 10 days

4.7

(5 reviews)

5.3

@zdesign77

Hey, how is it going today? My name is Michael, I'm a web designer/developer from Boston. I've had a look at your project description and feel that my skills match your requirements perfectly. In fact, I did a very similar project recently which I can share with you. Let me know when you have a minute to discuss.

$555 USD in 10 days

5.0

(7 reviews)

4.9

@hiteshkumar2

Hello I understand your requirements. I am able to do this work according to your needs. I have 2 year hand on experience in web development and one year as front end developer. I have sound knowledge of Wordpress themes, Plugin and Wordpress development. I have knowledge about MVC (Codeigniter) and design pattern and methodology. I have knowledge about frameworks and responsive designs. I have done some projects in javascript, jquery, angular js etc and I know about backend technologies like php and mysql etc. I have done project for brlcad USA Army research labs under Google. If you like to work with me then drop a message.

$555 USD in 10 days

5.0

(17 reviews)

4.5

@pinaliv

5 Reasons why you should hire me for your custom website and Application Development. 1. Available 24/7 upon your request 2. Delivery on-time with 100% satisfaction 3. Always think beyond boundaries and provide user friendly solution 4. Provide excellence with commitment 5. Most important, Free technical support for lifetime. Thank you

$666 USD in 4 days

4.2

(20 reviews)

4.8

@TheRealSlimPagey

EDIT: forgot to add "One giant leap"! I'm a Penetration Tester and Security Auditor based in Leeds, UK. I am a CREST registered ethical hacker. This does not seem like a complex issue. From what I have read this can be achieved with a simple adjustment to the applications Content Security Policy. You can specify which hosts can access what cookies through this, although it may require the cookie HTTP header to be changed from HTTP ONLY. I don't like the idea that you are storing session information client side, however, as this can cause some serious security issues! I ca, of course, provide you with a report (at no cost) once I've looked at the application with recommendations on how to accomplish what you need without involving client side code in the authentication mechanism.

$250 USD in 1 day