Thursday 27 April 2017

[Question] Client and server interaction with JWTs?

I'm currently making a custom CMS and I'm running two servers on separate ports. The client is an express server serving the API data which is templated using handlebars. The server is an express server acting as an API, I'm using passport and jwt for authentication.

Which method would you recommend storing the tokens returned from the API? Currently I'm storing them in localStorage via an AJAX request upon login.

In addition, what would be the best way of going about authorization with this project? I've got an entire admin section on the client server that I only want authorized users looking at. Would it be a matter of querying the user's role in the database via the API once I verify the jwt then serving the pages?

Many thanks.

Submitted April 27, 2017 at 05:56PM by wires55
