Requirement: A project that completely separates the front-end and back-end, only interacting through API. After the user successfully logs in, the back-end writes the user's name and permissions into a cookie, and the front-end gives different users different permissions based on the cookie
Thinking: Writing permissions to cookies is easy, but how to ensure security?
天蓬老师2017-05-15 16:56:55
Applications written in angularjs must verify user permissions on both the front and back ends. Because angularjs is a single-page application, all codes are on the front end, and users can modify them at will. Please refer to: https://blog.coding.net/blog/techniques- for-authentication-in-angular-js-applications
阿神2017-05-15 16:56:55
Put a SessionID in the cookie, and put other user and permission-related data in the cookie. Users can basically log in without entering their username and password.
