Heya, I currently have an express and passport back-end for authentication. But there is this one question that is on my mind. Currently, back-end and front-end are seperated. Login, auth and session stuff is being done on the back-end, and when it is successful a cookie is created on the back-end server. Does the front-end application need to access this cookie? Because since the cookie is on the back-end server, when front-end makes a request the back-end server can check if the session cookie exists, and if it exists return data to the front-end related to that user.Just to clarify my question, I currently think that session cookies should only exist on the back-end server, and they don't need to be on the front-end.My head is kind of stuck on this subject and how it works, if this is how it works does the front-end need to make a request to the back-end server every time to see if the user is logged in or not? Wouldn't that be too much load on the servers? Every time user clicks on the profile tab on the webpage, a request would go to the back-end server to check if the user is logged in or not, if yes send user related data kind of scenario.
Submitted September 23, 2020 at 10:25PM by kreuzkamm
No comments:
Post a Comment