Two-way Strong ¦ Sign In ¦ New User

Application Programming Interface (API)

 

Introduction

User Account

API Key

Test Environment

Web Application

Login

Token

Session Check

Session Check (Static)

Logout

Logout (Static)

Mobile Application

Mobile Login Check

Key Data Fields

Response Messages

Demo Examples

Powered By (Credit)

Technical Support

 

Session Check Function (Static)

The software developer can protect a static HTML page from unauthorized access by adding a JavaScript function in the header of the HTML page. When a user tries to access the page, the JavaScript will immediately execute the session check function before the Web browser has a chance to display the content. Required input values are your API key and two absolute URL addresses to tell Two-way Strong where you want the user to go on success and failure. The Session ID is optional and may be left blank.

This implementation will only provide a very basic level of protection and may not work in all Web browsers. For full protection and security, you must use the Web server script implementation.

Use this URL address to connect to the Test Environment:

https://www.2waystrong.com/ApiUsr/CheckV01StaticTest

Use this URL address to connect to the Live Environment:

https://www.2waystrong.com/ApiUsr/CheckV01StaticLive

Copy the entire computer program code and add it in your HTML page inside the HTML Head tag.

    <link rel="stylesheet" href="https://www.2waystrong.com/assets/css/TwowayBrowserControlV01.css" type="text/css" />
    <script>
        var TwowayApiAddress = "https://www.2waystrong.com/ApiUsr/CheckV01StaticLive";
        var setApiKey = "INSERT API KEY";
        var setReturnLoginPath = "INSERT USER LOGIN URL";
        var setReturnDestPath = "INSERT DESTINATION URL";

        var getSessionID = "";
        var permitAccess = "false";
        var queryString = location.search;
        var queryParams = new URLSearchParams(queryString);
        getSessionID = queryParams.get("sessionID");
        permitAccess = queryParams.get("permitAccess");

        if (permitAccess == "true" || queryString.includes("permitAccess=true")) {
            // Do nothing
        } else {
            TwowayCheck();
        }

        function TwowayCheck() {
            var TwowayForm = document.createElement("form");
            TwowayForm.setAttribute("action", TwowayApiAddress);
            TwowayForm.setAttribute("method", "post");
            TwowayForm.setAttribute("enctype", "application/x-www-form-urlencoded");
            document.head.appendChild(TwowayForm);

            var apiKey = document.createElement("input");
            apiKey.setAttribute("type", "hidden");
            apiKey.setAttribute("name", "apiKey");
            apiKey.setAttribute("value", setApiKey);
            TwowayForm.appendChild(apiKey);

            var sessionID = document.createElement("input");
            sessionID.setAttribute("type", "hidden");
            sessionID.setAttribute("name", "sessionID");
            sessionID.setAttribute("value", getSessionID);
            TwowayForm.appendChild(sessionID);

            var returnLoginPath = document.createElement("input");
            returnLoginPath.setAttribute("type", "hidden");
            returnLoginPath.setAttribute("name", "returnLoginPath");
            returnLoginPath.setAttribute("value", setReturnLoginPath);
            TwowayForm.appendChild(returnLoginPath);

            var returnDestPath = document.createElement("input");
            returnDestPath.setAttribute("type", "hidden");
            returnDestPath.setAttribute("name", "returnDestPath");
            returnDestPath.setAttribute("value", setReturnDestPath);
            TwowayForm.appendChild(returnDestPath);

            TwowayForm.submit();
        }

        window.oncontextmenu = function () {
            return false;
        };
    </script>

Download the complete source code.