I am trying to implement authentication/authorization on Angular 2 and .net core (kicked off with this: https://github.com/aspnet/JavaScriptServices)
What Is my storage options for auth token (jwt) - so it could be accessible?:
- From client: write on login and when needed to renew the token, read when making get/post requests
- From server: read when node is prerendering the app (same requests, but from node context)
I understand that there is no much point to prerender protected content - since it won't be indexed anyways - but this brings the flickering issue back. Since node can not access this token (in my scenario) - server returns content-less html (in case the content requires authorization)
Currently I store my token in browser's local storage:
localStorage.setItem('currentUser', JSON.stringify({ username: username, token: token }));
... obviously node has no such thing and can not access it ...
Simple get request:
let headers = new Headers({ 'Authorization': 'Bearer ' + this.authenticationService.token });
let options = new RequestOptions({ headers: headers });
this.http.get(url, options).subscribe(response => callback(<any>response));
I am really early on learning/adopting this - I would also consider any other auth methods, but it has to comply with rule to be able to prerender authorized content.
via RUKAclMortality
No comments:
Post a Comment