When the user logs in, respond with an auth token. The webapp can store that token in the localStorage.
When the webapp is initialized, assume that the user is logged in if we have an auth token in localStorage.
There must be a middleware on all the webapp's XHR handlers that adds an authorization header on each request.
The backend has to have a mechanism to verify that token, and if it's not sent or is invalid, return a 403 forbidden status.
The webapp also has a middleware for every XHR response handler, that will catch whenever a 403 happens. In that case, unset the localStorage token, and redirect the user to login.
That could be one way to do it; as in how to save application state, the answer is also in localStorage. In this subject you also have to bear in mind that for this to be efficient, your app's state should be kind of "serialized" and kind of "normalized".
I suggest you research on the following topics:
cookies vs localstorage vs sessionstorage vs indexedDb
Authentication token mechanisms, e.g. JWT
Common patterns to normalize an app's state
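The flow described in the comment above, as an added example that is not part of the original comment: a fetch wrapper that stores the token, attaches it only to requests for the app's own API origin, and clears it on a 403. The names `TOKEN_KEY`, `API_ORIGIN`, `createApiClient`, `memoryStorage`, the `/login` path and the `Bearer` scheme are assumptions; in a browser you would pass `window.localStorage` and `window.fetch`, keeping in mind that anything in localStorage is readable by any script running on the origin.

```javascript
// Added example. TOKEN_KEY, API_ORIGIN, createApiClient and memoryStorage are
// hypothetical names; storage and fetchImpl are injected so the flow runs offline.
const TOKEN_KEY = "authToken";
const API_ORIGIN = "https://app.example"; // constructed origin

function memoryStorage() { // stand-in for window.localStorage
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)),
    removeItem: (k) => void m.delete(k),
  };
}

function createApiClient({ storage, fetchImpl, onLoggedOut }) {
  const isLoggedIn = () => storage.getItem(TOKEN_KEY) !== null;

  async function request(url, options = {}) {
    const target = new URL(url, API_ORIGIN);
    const headers = { ...(options.headers || {}) };
    const token = storage.getItem(TOKEN_KEY);
    // Request middleware: attach the token only to our own API origin so it
    // is never sent to a third-party host.
    if (token && target.origin === API_ORIGIN) {
      headers.Authorization = `Bearer ${token}`; // Bearer scheme is an assumption
    }
    const response = await fetchImpl(target.href, { ...options, headers });
    // Response middleware: a 403 from our backend means the token was missing
    // or invalid, so drop it and send the user back to login.
    if (response.status === 403 && target.origin === API_ORIGIN) {
      storage.removeItem(TOKEN_KEY);
      onLoggedOut();
    }
    return response;
  }

  async function login(credentials) { // "/login" is an assumed endpoint
    const response = await fetchImpl(`${API_ORIGIN}/login`, {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify(credentials),
    });
    if (response.status !== 200) return false;
    const { token } = await response.json();
    storage.setItem(TOKEN_KEY, token);
    return true;
  }
  return { isLoggedIn, login, request };
}
```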