Site AngularJS accessing API, authentication question

2

I have an API written in PHP + Slim, which is being used by an administrative panel, and authentication is via token, which is returned when the panel user logs in.

However, I'm doing a site with Angular and would like to reuse the API, but I could not figure out how to make the authentication system for the site, since it can not return a token because it does not have a login.

I thought of something based on the site address, but I still have not figured it out yet.

What is the best strategy for performing this authentication?

Thank you in advance,

Thank you very much

    
asked by anonymous 09.03.2016 / 21:29

1 answer

1

Angled pages are single pages, singlePage Applications (or otherwise known as stateless architecture), the best way to do authentication in singlePage applications is by using JSW (Json web tokens)

If you've thought about doing the traditional method of keeping sessions like HTTPSession out of life, it does not make sense to use this in singlePageApp because your server will only retwee a single page and the rest comes dynamic see API.

I would advise you to create some webservice that returns a token, and for every request that the angle is made to the server you send a token next to the request payload or in the header of the request, traditionally I see a lot of the personnel using the header of the request. Dai your webservice will check the veracity of the last token (can be via database).

Summary:

Login request - > returns a token if successful

rest of the requests that require authentication - > takes this token in the header to a middleware or PHP authentication method

Tip: If you want to keep the user logged in if he gives a ctrl + r (refresh in the browser the page) put that token in the sessionStorage of javascript, or localStorage, or $ cookies of the angle.

I hope to have helped, hug.

    
11.03.2016 / 03:42