0

I'm currently working on an odd project scenario. I currently have 2 servers, server A is used for authentication/sessions and to serve up multiple React applications, server B is simply an API for sending and retrieving data.

I have a javascript application that is walled behind a login screen so you can't access the app (and scripts aren't even loaded in) until after you authenticate via the server.

I need a way to authenticate via server A with a non javascript application, then after login, render the javascript application and pass the JWT to it to then be used for all future requests that are sent to server B. I also need to store a session on server A, so when the user refreshes the page, they still have access to the javascript application and don't have to login again.

The main thing I'm confused on is the proper way of handling this so users can refresh the page and still have access to the app, while also being able to have the JWT to make requests to the other server.

Chris
  • 1,484
  • 1
  • 12
  • 19
  • 1
    This should answer the query: https://stackoverflow.com/a/54011649/1235935 – Saptarshi Basu Mar 28 '19 at 18:39
  • @SaptarshiBasu this sounds like what I may be looking for. For some reason I was overthinking things earlier and thought that the httpOnly flag on my cookies wouldn't work going to different servers. I'll give that a go – Chris Mar 28 '19 at 18:53

0 Answers0