
Single page apps: auth token management and browser refreshes


I think option 1 is the best one for your use case. All major web frameworks have support for this option.

In case you need to handle this manually, you need to ensure these steps:

  • The web service will process the initial authentication request by creating and setting a secure authentication cookie. The auth cookie should be time-based (only valid for a specific time interval) and its value should be a unique value if possible.
  • After the initial authentication request all subsequent requests will pass the authentication cookie with the request header automatically - this is handled by the browser.
  • The web service needs to handle cookie-based authentication on subsequent requests by validating the cookie value and returning an error if the cookie has expired.
  • You need to ensure a client-side global authentication handler captures any authentication exceptions and displays a friendly message to the user.
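
The steps above, sketched in Node.js as an added example that is not part of the original answer. The cookie name `auth`, the 15-minute lifetime, the HMAC-SHA256 signature and the function names are assumptions chosen for illustration.

```javascript
const crypto = require('node:crypto');

// Assumptions (not from the answer): cookie name "auth", a 15-minute lifetime,
// and an HMAC-SHA256 signature; SECRET would come from server configuration.
const SECRET = crypto.randomBytes(32);
const TTL_SECONDS = 15 * 60;

const sign = (payload) =>
  crypto.createHmac('sha256', SECRET).update(payload).digest('base64url');

// Step 1: issue a unique, time-limited cookie value and its Set-Cookie header.
function issueAuthCookie(nowMs = Date.now()) {
  const id = crypto.randomBytes(16).toString('base64url');
  const expires = Math.floor(nowMs / 1000) + TTL_SECONDS;
  const payload = `${id}.${expires}`;
  const value = `${payload}.${sign(payload)}`;
  // HttpOnly keeps page script from reading the cookie; Secure restricts it to HTTPS.
  const header = `auth=${value}; Max-Age=${TTL_SECONDS}; Path=/; HttpOnly; Secure; SameSite=Strict`;
  return { value, header };
}

// Step 3: validate on every request; anything invalid or expired becomes a 401.
function validateAuthCookie(value, nowMs = Date.now()) {
  const parts = String(value || '').split('.');
  if (parts.length !== 3) return { ok: false, status: 401, reason: 'malformed' };
  const [id, expires, mac] = parts;
  const expected = Buffer.from(sign(`${id}.${expires}`));
  const given = Buffer.from(mac);
  // Constant-time comparison; the length check avoids timingSafeEqual throwing.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, status: 401, reason: 'bad signature' };
  }
  if (Number(expires) * 1000 <= nowMs) {
    return { ok: false, status: 401, reason: 'expired' };
  }
  return { ok: true, status: 200, reason: 'valid' };
}

// Step 4: client-side global handler; call it from the HTTP layer's error hook.
function handleAuthError(status, showMessage) {
  if (status !== 401) return false;
  showMessage('Your session has expired. Please sign in again.');
  return true;
}
```

Because the browser stores the cookie and resends it on its own (step 2), a page refresh keeps the session without any script having to read or persist the token.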