We would not save the user credentials in the browser local storage, but rather just the token received after authentication. As I said, the tutorial do not cover the backend portion of it but rather saving the token and blocking access to "authenticated" routes. You could use it to implement Auth0, which could actually be a nice continuation of my tutorial! :)
EDIT: I agree my article does not emphasize this enough. I updated the article to add a disclaimer to save the token and not the actual credentials. Thank you!
Hi, firstly it's a great article. Implementing the back end token code was beyond the scope in my opinion. What it demonstrates is exactly what you said in your reply. And the private route implementation is good as well.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I'm not sure storing the credentials locally is the way to go. Also the redirection is easily bypassable by setting an arbitrary auth.data.
I agree. I would suggest using Auth0. They have a good example on the Auth0 website.
We would not save the user credentials in the browser local storage, but rather just the token received after authentication. As I said, the tutorial do not cover the backend portion of it but rather saving the token and blocking access to "authenticated" routes. You could use it to implement Auth0, which could actually be a nice continuation of my tutorial! :)
EDIT: I agree my article does not emphasize this enough. I updated the article to add a disclaimer to save the token and not the actual credentials. Thank you!
Hi, firstly it's a great article. Implementing the back end token code was beyond the scope in my opinion. What it demonstrates is exactly what you said in your reply. And the private route implementation is good as well.