I have a Rails application that is using Devise for authentication and Angular on it's fontent to have a SPA application.
Now currently what I do is that when the user first loads the page, the user gets served a static html page with some angular on it. User can enter the credentials there and then press button to log in.
Now when the user logs in successfully then server will redirect the user back on the index page, but now I check on html page that current_user exists and then render and div that has ng-view in it. From here on every page change is done with ng-route and every request to the server is done with Angular.
Now as I understand, as long as the client making Ajax requests is under the same domain then the session cookies will be sent also along with requests. So technically the user should be checked on every request and all should be fine?
But is this a good way of handling the whole situation? Also what will happen when I later want some mobile apps to also be able to log in into that server and fetch some info form there?
Aucun commentaire:
Enregistrer un commentaire