How to implement a safe login with Angular and Laravel? [on hold]
I need to implement a safe login for my SPA. I'm using Angular for my frontend and Laravel for my backend. But there are so many different opinions that it is difficult to find a safe standard.
So far I use the following procedure:
- User enters password and user name and logs in (Frontend)
- Laravel validates data and returns a JWT with the user id inside (using tymondesigns/jwt-auth)
- The JWT gets stored in local storage
- For every request the JWT will be sent as a `Bearer` token in the header
But I think it's not safe because of XSS. What is the current standard to implement a safe but simple login with JWT?
angular laravel authentication jwt
put on hold as too broad by R. Richards, snakecharmerb, EdChum, Unheilig, Ctx 2 days ago
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
asked Nov 4 at 10:04
Sebastian S
608
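The client side of the flow described in the question (token in local storage, sent as a `Bearer` header), as an added example that is not part of the original post. It assumes the token carries an `exp` claim; `API_ORIGIN`, the storage key `jwt`, the in-memory storage stand-in and the sample token are constructed for illustration.

```javascript
// Added example, not code from the post. API_ORIGIN and TOKEN_KEY are assumptions.
const API_ORIGIN = "https://api.example.test";
const TOKEN_KEY = "jwt";

// Decode the JWT payload without verifying the signature (only the server can verify it).
function decodePayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  try {
    return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
  } catch {
    return null;
  }
}

// Headers for one outgoing request: the token is attached only for the API origin
// and only while unexpired; a stale or malformed token is removed from storage.
function authHeadersFor(url, storage, nowSeconds = Math.floor(Date.now() / 1000)) {
  // Relative URLs are resolved against API_ORIGIN here (assumption: SPA and API share it).
  if (new URL(url, API_ORIGIN).origin !== API_ORIGIN) return {};
  const token = storage.getItem(TOKEN_KEY);
  if (!token) return {};
  const payload = decodePayload(token);
  if (!payload || typeof payload.exp !== "number" || payload.exp <= nowSeconds) {
    storage.removeItem(TOKEN_KEY);
    return {};
  }
  return { Authorization: `Bearer ${token}` };
}

// Constructed stand-in for window.localStorage so the example runs outside a browser.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)),
    removeItem: (k) => void m.delete(k),
  };
}

// Constructed sample token with a placeholder signature and user id 42.
function sampleToken(exp) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc({ sub: 42, exp })}.constructed-signature`;
}
```

Any script running in the page can make the same `getItem` call, so this does not remove the XSS exposure the question raises; it only keeps the token from being sent to other origins or after expiry.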