由于所有代码都在客户端呈现,因此用户能否绕过vue.js应用程序中某些路由或页面的限制?
[英]can users bypass restrictions to certain routes or pages in a vue.js application since all the code is rendered on the client side?
问题描述
when building single page app with, for example, firebase, are the api keys used, not visible to the user since all the code is rendered on the client side? 
使用例如Firebase构建单页应用程序时,由于所有代码均在客户端呈现,因此使用的api键对用户不可见吗? And also,since user is restricted to which routes or pages they can visit depending on the conditions set in the code, is it not possible for them to bypass or change the code since everything is on the client side? 而且,由于根据代码中设置的条件,用户受限于他们可以访问的路由或页面,因此,由于一切都在客户端,因此他们是否不可能绕过或更改代码吗?
1 个解决方案
解决方案1
0 2019-07-10 00:52:31
Although it is correct that the code is client-side in an SPA, restrictions for accessing pages can still be set in place. 尽管代码在SPA中是客户端代码是正确的,但是仍然可以设置访问页面的限制。
VueJS exposes several lifecycle hooks even before elements have been added to the DOM. VueJS甚至在将元素添加到DOM之前就公开了几个生命周期挂钩。 In this space, you can make a network request to an authentication service. 在此空间中,您可以向身份验证服务发出网络请求。 In your request, you would send a token (rf: jwt ). 在您的请求中,您将发送一个令牌(rf: jwt )。
await the response and you can redirect users to the login page, or continue with the component mount. await响应,您可以将用户重定向到登录页面,或继续进行组件安装。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.