Mehdi Guelloub Mehdi Guelloub - 1 year ago 76
AngularJS Question

AngularJS: is this a bad practice for authentification?

I'm new in AngularJS. I use Drupal as Backend for APIs.

So this is my problem:

When the user is logged-in, Drupal saves automatically the SessionNAME = SessionID in the cookie to keep the user logged-in so on refresh the user is still logged-in but i loose the userId, the username, his email, his favorite movies...

My solution was: sending a request to the server in
to get logged user data and I store these data in AuthetificationService.currentUser so if a user is logged i will have all his data otherwise currentUser will be NULL.

Is that a bad practise?

NOTE: Please if your suggestion will be webStorage or cookieStorage tell me exactly what i need to store and when i need to empty the cookie or the local-storage.

Answer Source

Here's the practice I follow and is usually used:

  1. Login->

create session on server -> store the user object and important info in localstorage e.g.

  1. Refresh Page (check session) check session(if logged in) -> get the user data from localStorage and use it e.g

    UserService.user = localStorage.getObject("myApp_user"); MoviesService.movies = localStorage.getObject("myApp_movies");

  2. Logout close session call on server->remove cookies->remove data from localStorage.. e.g. localStorage.removeItem("myApp_user"); localStorage.removeItem("myApp_movies");

Hope this helps.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download