伊谢尔伦2017-04-18 09:33:25
First of all, your application is separated from front to back, and part of the logic is processed on the front end.
1: Your sentence is a declarative sentence, I don’t know what to answer.
2: If you only implement the REST API, the front end should use Angular and other frameworks, and the jump is handled by the front end.
3: HTTP Auth can be passed through parameters. When no parameters are passed, the operating system or browser has its own implementation to allow the user to enter the account password.
4: The check cookie here refers to the browser cookie, which is detected by the front end. As long as no HTTP request is passed in, it will still be stateless.
5: The real REST API only and must require the Auth interface to verify Auth. As for the case where more data will be transmitted, the REST API will cause data redundancy in order to ensure statelessness.