0

I've found a good flow to manage custom session manage here. The question now is concerning on, which is the best way to store that the user is already validated?

For example I have a rest api that return 0 or 1 if user's creadentials are valid. Now, how and where can I store that information? SessionStorage could be good a place but if I store the user's password encrypted for example, then in controller, I have to check against what?? Where is the true and valid encrypted password?

This question is in general, how to manage user session in angularJS.

EDIT: Maybe the answer could be, you shouldn't check only credentials in the client side?

Community
  • 1
  • 1
Hugo
  • 179
  • 5
  • 14

2 Answers2

0

you have to inject 'ngCookies' in you app module and inject '$cookies' in your controller

and you can put value like $cookies.put('variableName', vlue);. and you can retrive $cookies.get('variableName');

ZearaeZ
  • 899
  • 8
  • 20
  • Thanks! Anyway then I have to check against the server this credentials? Is there any way to (apart of going) to the server, deny access checking it in client side? – Hugo Mar 17 '17 at 12:14
  • sorry i didn't understand you question properly. Is that mean you want to send this data or cookies value to server? – ZearaeZ Mar 17 '17 at 14:00
  • Me neither :(. I'm not sure what I would like to ask... I will try your approach. Thanks! – Hugo Mar 20 '17 at 10:44
0

I've found the solution. Just comment if someone helps.

One of the most important thing is activate credentials in $httpProvider

$httpProvider.defaults.withCredentials = true;

Then in server some cookies must be stored into session and that's all. Next requests now are session-validated.

Hugo
  • 179
  • 5
  • 14