简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Q&A  >  body text

javascript - For a website that requires login, what operations are generally performed to save the login status after pressing refresh?

I just got started and I don’t know much about user login.
Assume that the user has logged in successfully and entered page A. If he refreshes the page, the data on the page will be lost. What operations should be performed to save his login? What about status?
Because the data in page A needs to be obtained using the user's number (returned by the login interface)
Should I log in again based on the cookie after refreshing?

PHP中文网PHP中文网2710 days ago659

reply all(5)I'll reply

  • 为情所困

    为情所困2017-05-19 10:28:15

    The basic idea is to set your own cookie and submit the authenticated identity information to the server again

    • Set cookies

    • Save session

    • Use JSON Web Token to improve security

    You can refer to the article I wrote
    http://www.jianshu.com/p/8d13...

    reply
    0
  • 伊谢尔伦

    伊谢尔伦2017-05-19 10:28:15

    In short, just use cookie构造session的过程。Web浏览器发起请求的时候,会带上httpheader的内容。通常使用的是cookie,每次你刷新的时候,cookie and it will be automatically sent to the server.

    Stateless

    Suppose you go to a cake shop to buy something. The clerk receives many customers every day and does not know who you are.

    cookie

    The store held activities and launched a membership mechanism. The cake shop issued a membership card to every guest who came. From now on, every time anyone comes here, check if it is 会员卡,没有就发一个,有了就知道是会员啦。这个卡就是cookie.

    session

    A simple membership card can only distinguish whether you are a member. In order to obtain more detailed information, a membership card number has been added. Every time you come, the clerk checks to see if there is a card, then enters the card into the system to check whether it is a registered member and understand the member information. Give corresponding discounts~. This card number is session_id.

    So the browser's cookie可以存一个session_idsession_id关联了用户,其本身可以是随机字串,也可以是jwt等。每次发送请求的时候,浏览器会自动发送cookie。服务端就能读取解析这个cookie can store a

    ,

    is associated with the user, and it can be a random string, or it can be jwt, etc. Every time a request is sent, the browser will automatically send cookie. The server can read and parse this

    and then authenticate it. 🎜 🎜In addition, you can read more detailed documents about 🎜's security, expiration, etc. 🎜

    reply
    0
  • ringa_lee

    ringa_lee2017-05-19 10:28:15

    Use sessionID as token, bring the token with each request, and the background determines whether the token is valid

    reply
    0
  • 为情所困

    为情所困2017-05-19 10:28:15

    The cookie stores the user session ID and sends an identity matching verification request when the page is refreshed. The user is logged in if there is a login session, otherwise the user is not logged in or the login has timed out. You can also use the authentication token

    reply
    0
  • 淡淡烟草味

    淡淡烟草味2017-05-19 10:28:15

    The cookie saves the session id. When the front-end requests the server, it brings this cookie in the header. After the server receives it, it looks for the session record corresponding to this session id. If it is found, it means that you are logged in. If it is not found, it means that you are not logged in.

    reply
    0
  • Cancelreply