Похожие чаты

Anyone used react router? How will client side know that

login is success? I am using passportjs

35 ответов

21 просмотр

check the response from server 😕

Adi- Автор вопроса
Masoud
check the response from server 😕

So you mean to say for login route when successful send user object in response?? Note: I am using express session passportjs local strategy

Adi
So you mean to say for login route when successful...

yes, simply you can send object like this { success : true user , token //optional }

Adi- Автор вопроса
Masoud
yes, simply you can send object like this { ...

Ok now if this object is sent after login is success and if we have redirected to profile page then from profile if he wants to go to about, contact, settings page all are protected how will that work?

Adi
Ok now if this object is sent after login is succe...

me usually do this first user will login and the the response will be back with set cookie header then token from response will be saved in my browser cookie and save user object in global state then user object will be available untill page refresh then in react or vue I will write a middleware that first on page load will requests to server just for getting logged in user data again (just for security reason I wont keep user data in cookie or localstorage) and then if data successfully got back then save it again in global state if not redirect to login . (cookie is httponly and dont forget to refresh jwt token) simply explained the whole jwt auth :)

Adi- Автор вопроса
Masoud
me usually do this first user will login and the...

Yes i am using http only cookie but when login is success user redirected to profile page and at this point user object is stored in redux state. Now user navigates to protected page user object is passed to auth route using useAuth hook. Now if session is expired then how to remove user object I mean set it to null/undefined? In react router docs I could not find where did they added this check for user object

Adi- Автор вопроса
Masoud
me usually do this first user will login and the...

Here auth.user is used in our case when login is success that user object will be stored in auth.user is that right? https://reactrouter.com/web/example/auth-workflow If above is right then I cannot see how auth.user is set to null if session is expired?? If logout button is clicked then user object is set to null but what about session expiry case?

Adi- Автор вопроса
Adi
Yes i am using http only cookie but when login is ...

on server you (should) have auth middlware and in that you check every request and when session is expired you will return for example 403 error and when that error receives on browser the you can set user object to null and redirect to login page

Adi- Автор вопроса
Masoud
on server you (should) have auth middlware and in ...

Oh ok got it. One more question user object should be stored in redux state and not local state is that right?

Adi- Автор вопроса
Masoud
on server you (should) have auth middlware and in ...

but there is one problem here. Lets say there are 2 protected routes i.e contact us and about page on these 2 pages API call is not made to server all the data is hardcoded on both the pages. In such cases if user just keeps switching between both these 2 pages then how will your solution work?

Adi
but there is one problem here. Lets say there are ...

What ? Once user token is invalidate and your user try to navigate to another protected route he will redirected always

Adi- Автор вопроса
Isaac .
What ? Once user token is invalidate and your user...

So you mean to say on frontend I have to check if session is valid or invalid??

Adi
So you mean to say on frontend I have to check if ...

I am frontend developer . I can say that you need to do this in the fronted to protect your routed .

Isaac .
I am frontend developer . I can say that you need ...

Also you should do this in the backend, protect your endpoints

Adi- Автор вопроса
Isaac .
I am frontend developer . I can say that you need ...

where will you add that logic in case of react router ?? link: https://reactrouter.com/web/example/auth-workflow

Adi- Автор вопроса
Isaac .
I am frontend developer . I can say that you need ...

you mean backend all should have auth middleware and on frontend also I have do something for auth?? Backend part is clear to me. I am not getting client side routing

Adi- Автор вопроса
Isaac .
I can't say nothing about backend 😂

So only frontend how to validate session? I am using http only cookie which cannot be accessed by client side JS

Adi- Автор вопроса
MUTHU・KUMAR 「メーカー」 🔺
These pages don't require login, so I don't see th...

Ok but as Masoud mentioned return from auth middleware from backend if session expired then set user object state on frontend to null and logout user is that correct implementation?

Adi
Ok but as Masoud mentioned return from auth middle...

Whether you care about user object on the client is up to you, but once the backend sends a 401 error, you can safely log the user out

Adi- Автор вопроса
Adi- Автор вопроса
MUTHU・KUMAR 「メーカー」 🔺
That means auth is a backend problem

But react router docs maintain some user object thats why I asked so got confused

Adi
but there is one problem here. Lets say there are ...

calling api is in middleware and middleware will called before entering every route 😕

Adi- Автор вопроса
Masoud
calling api is in middleware and middleware will c...

yes that is on backend but on frontend routes lets say I am navigating to protectedRoute which does not make an API call in that case what will you do?

Adi
yes that is on backend but on frontend routes lets...

NOOOO I mean the routes middleware in react 😐😑

Adi- Автор вопроса
Masoud
NOOOO I mean the routes middleware in react 😐😑

if I am not calling API and route is protected how will you handle it?

Adi
if I am not calling API and route is protected how...

2 modes will happen : 1- you load page directly go to for example contact us in this case you should get user data from api 2- you already got data from other routes in this case you have data abd does not need to call api

Похожие вопросы

Обсуждают сегодня

Ready for some fun AND a chance to win TKO Tokens? Join us for exciting minigames in our Telegram group! 🕒 Don’t miss out—games start on today 25 October 2024, at 8 PM! Ge...
Milkyway | Tokocrypto
255
Добрый вечер. Есть вопрос, а может и предложение. Был у меня диалог в другой группе о делфи и я задался вопросом: "А нельзя ли в делфи цвет //коментария и {комментария} сде...
Kraszx
24
How are we going bro about the Raids ??
🅿️abby_FX
13
Мдя, прикол, боевая сборка запускается (именно под отладчиком) после F9 примерно полторы минуты (97 секунд если быть точным). Начал копать - проблема детектится сразу - зависа...
Александр (Rouse_) Багель
38
Всем привет! Подскажи, пожалуйста, как передать в TComboBox сразу значение и id записи. На Delphi я делал так: ComboBox1.Items.AddObject('Какое-то значение', Pointer(id запис...
Евгений
10
Keep saying it, it’s Trump or WW3. Iran will be emboldened if Harris wins by cheating. Israel will have to take the initiative against Iran. How has BTC faired everytime the...
Adz | Ferrum Network Product & Service Consultant @ Ferrum Network
1
я так понимаю, я так подозреваю, что создание такого плагина для человека, кто умеет писать плагины для делфи потребует минут 5-10 времени. но это мое подозрение. хотелось бы ...
Kraszx
7
Товарищи, кто работа с iphelper? Или может я в самой логике ошибки фигачу, не пойму.... var ifTable : PMIB_IFTABLE; size, corSize: DWORD; Buffer ...
Warfarellen
4
Здравствуйте, вопрос по структурам данных. Были у вас случаи, когда пришлось писать деревья или двунаправленные списки?
/ /
50
Коллеги, добрый вечер. Создаю коллекцию от TFPGMap, ключ - перечисление, значение - целое. Нужно отсортировать коллекцию по значению. Как это можно сделать?
Kirill Filippenok
11
Карта сайта