this is for holding javascript data
Alec Aivazis edited untitled.html
over 8 years ago
Commit id: 0ecb15f696d974607b1b46d3b00e0e98bdf3b0b2
deletions | additions
diff --git a/untitled.html b/untitled.html
index cdcaff7..5e0a3a3 100644
--- a/untitled.html
+++ b/untitled.html
...
In a single page app, all of the decisions about what view/subview to render occurs on the client and does not require a trip back to the server.
This means that the client has to be able to authenticate the currently logged in user and access its data without going back to the server
We have to store information concerning the logged in user in such a way that we can trust it.
JWTs are good because they allow for the client to be responsible for keeping track of the permissions of the currently logged in user.
However JWTs require a secret key to be decrypted which means it can't happen on the frontend.