JMan JMan - 1 year ago 68
AngularJS Question

Is the security around web api template that visual studio provides enough?

I'm building a web app using angular 2 + web api. I have created the api using web api template that vs provides. I manage to create the log in of my app, what I did was pass the user name and password using basic authentication over https and api responds with a token + some details such as token exp, username etc., I then store these details in a local storage and use it to validate if the user is authenticated. Is the security around what I did enough?

Answer Source

Foremost, the kind of security that your application needs depends on what kind of data you are dealing with.

FYI, basic authentication is a really old technique which was drafted in 1999.

If you have security as a necessity for your application, you could go with OAuth 2.0 or JWT/Bearer tokens or you could even use basic authentication only for the initial API requests, get the token and then proceed with the token in the following requests.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download