Node authentication with client-side routing
Question
So I'm unsure of the practicalities of authentication on a SPA, as I try to get used to my new stack of choice.
I will be serving a Node/Express app, with all API routes on /api , and the frontend served on the root / (all routes will serve index.html , then the client-side routing will take care of the rest. So I have the backend authentication set up with the Passport library, which works well. But how does one keep the server and client sessions in sync? As well as taking care of security.
If I make a POST request to /api/login with credentials, what do I return in the response to the client? And where is the session set?
My frontend is Vue, so I assumed I would just pass the user data (if credentials are correct) to the instance and have a user object. But I'm guessing I need to store a token of some sort? (jwt?)
If someone could clear up how this client-server architecture works, that would be great.
Cheers.
1 answers
solution1
0 2017-07-31 06:45:19
Whenever user logs in with credentials you can send a JWT Auth Token and then store the token as Cookie/Local Storage.
Then send the token as Authentication Token in each request as Request Header/Data to validate the user.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.