I want to know about the ways of saving user info.
Many seniors have recommended using $cookieStore
, or Authentication
or etc.
But how about using $rootScope
?
My idea is when user has logged in, saving his/her id and password into $rootScope
.
(Naming like $rootScope.user_id = 'stupid';
)
Is this dangerous way?
I don't know whether this question is duplicated or not, but I couldn't find one talking about using $rootScope
.
.
.
UPDATE
My config is like below.
'root controller' can see every scopes, so even if I refreshed pages,
$rootScope value does not disappear.
$stateProvider
.state('root.login',{
url: '/login',
controller: 'LoginCtrl',
templateUrl: 'views/login.html'
})
.state('root.signup',{
url: '/signup',
controller: 'LoginCtrl',
templateUrl: 'views/signup.html'
})
.state('root.main',{
url: '/main',
controller: 'MainCtrl',
templateUrl: 'views/main.html',
})
Its very bad way to store raw user credential in rootScope or cookies. However you can archive this by using userToken or session given by server side.
Example for userToken
Example for session
so if user refresh the page or switch the page you can call backend server to validate the userToken or session.
如果您存储敏感数据,$ rootScope将很容易受到攻击,而不是使用localstorage通过使用某些加密算法和密钥的加密来存储用户凭据,并如上所述,创建服务来获取和设置值。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.