Sign In for a single page angularjs web app
Question
I have a single page web app that I made using (html5, bootstrap, and) angularjs. I want to be able to securely register and sign in to the web page, and then I would have access to the information associated with my account on MySQL. Can someone give me a good starting point? I feel like I could do it myself but I'd make a mistake, and thus create a security loophole. It also seems to me as this would already be done in angularjs.
Note: I don't need anything fancy with different permission levels. Each user simply has full control over his/her own data.
1 answers
solution1
1 2014-05-11 15:13:55
Not sure about the technology you will be using on the server side. This is important to know as this is where the authentication / authorization "magic" will take place.
One possibility is to use Bearer Token authentication scenario, which works roughly as follows:
- The client send a request to an authentication end point on the server (for instance, sending username and password)
- The server authenticate and sends him back a authentication token, if the user has been successfully authenticated.
- Any subsequent request made to the server should include the bearer token in the request header that the server will verify before giving access to the resources.
The above is an overly simplified summary but should give you a starting point for reading as you requested.
Please note that:
1- No authentication should be made on the client side as this can easily be hacked.
2- Authorization to resources could be made on the client side to improve user experience, but MUST also be made on the server side for the same reasons as 1
3- Make sure that all transactions are made with https protocol, otherwise any effort could be vain.
Hope this helps getting you started
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.