User authentication and authorization are important topics no matter what architecture you select for your service, but they become a little tricky in the single page app world. Part of that trickiness is probably due to the fact that most of us are not accustomed to having to reintroduce ourselves and our qualifications in every encounter with someone, but that's what you have to do when implementing a server-less singe page app.
Naren Arya has posted this excellent tutorial on the basics of implementing JSON Web Tokens (JWT) and explains his interest in the topic this way:
JWT authentication is becoming very popular these days. The traditional authentication uses cookies and sessions. With the advent of Single Page Applications(SPA) and microservices, there is a need to look beyond the sessions. Any token based authentication serves that purpose. JWT is a type of token-based authentication.
He's absolutely right.
If you are new to JWT or, as in my case, have probably implemented it...ah...imperfectly, read his post AND do yourself the favor of trying it out.
Once I read this post and understood the basics of JWT, I was able to go back to my app and fix my integration with Google's OATH service.
No comments:
Post a Comment