Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to persist session data in an AngularJS application?

Tags:

angularjs

cookies

session

I have this web app written in AngularJs that uses cookies to authenticate the requests in a REST API.

Once the user logs in, the cookie is received and saved in the browser and all subsequent requests send the cookie along to the server. There is a 'User' service/object that saves the isLoggedIn and username values (for UI display/flow). Now, if I refresh the 'index' page, the app restarts. This means that my 'User' object will be cleared. I can check the existence of the cookie and, if it exists, I can re-set the User.isLoggeIn as true and go from there, but I still need to get the username, id, etc. So, my question is: should I create some sort of 'ping' endpoint in the API to verify if a cookie is valid? And if so, the API would send me back the user id and username... OR should I persist the user data in LocalStorage (or some similar cross-browser thing) and just assume the user is logged if the cookie exists? Any other subsequent requests to pages that need authentication would be automatically verified. So, this question really only applies to the scenario where the user refreshes the index page - hence, restarting the web app. I want to know the user data because I want to show a 'user homepage' instead of the 'public homepage'.

What do you think?

like image 523
Edd Avatar asked Sep 12 '13 09:09

Edd

People also ask

What is the sessionStorage object in HTML?

The sessionStorage object is equal to the localStorage object, except that it stores the data for only one session. The data is deleted when the user closes the specific browser tab.

1 Answers

You should depend on the server for this. Creating something like GetCurrentUser method on the server. If the user is logged on this returns all the properties of the user.

You should even use this server api to get the user data after authentication completes. So the authentication become two step process first the user is authenticated, on success another call is made to server to get current users details.

Using client side local storage for this would not be ideal because you need to do lot of book keeping, in terms of cleaning the logged in user on log out or session expiration.

Also cookies from server would have expiration times an all, and making decision just based on cookie existing on local storage may not be optimal approach.

like image 192
Chandermani Avatar answered Sep 28 '22 04:09

Chandermani
Sign in to Comment

Related questions

Rails feature testing with logged in user (undefined method 'session')
Is there a maximum number of PHP sessions?
How to get session time out message using Spring security
Where is session store ? (ExpressJS)
Storing shopping cart in session
How long should you let a user stay signed in for on a web application?
What is the best practices on Android to keep data between activities deathes/restarts for the whole application session?
What to store in a session?
get or session?
Prevent duplicate editing / Locking DB records while editing - single backend server
How would a user stay logged in to a REST-based website?
Session differences in Pylons and Pyramid
Session shared in between tabs
understanding session.get vs session.load method in hibernate
Sessions in REST services
Access Session.SessionID in ActionFilterAttribute
How unique is the HttpSession ID?
JSESSIONID suffixed with .undefined
Using session object in Django unit test
ServiceStack: Accessing the HttpRequest in a selfhosted application

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!