I've found a good flow to manage custom session manage here. The question now is concerning on, which is the best way to store that the user is already validated?
For example I have a rest api that return 0 or 1 if user's creadentials are valid. Now, how and where can I store that information? SessionStorage could be good a place but if I store the user's password encrypted for example, then in controller, I have to check against what?? Where is the true and valid encrypted password?
This question is in general, how to manage user session in angularJS.
EDIT: Maybe the answer could be, you shouldn't check only credentials in the client side?
I've found the solution. Just comment if someone helps.
One of the most important thing is activate credentials in
$httpProvider.defaults.withCredentials = true;
Then in server some cookies must be stored into session and that's all. Next requests now are session-validated.