javascript - Cookie Auth: Making requests from localhost to live services


On the platform I'm working on, we are running a React front-end on an Express.js server, and when developing on localhost we make calls to our API in our staging environment (from localhost), which is set up on its own domain in the cloud.

We set cookie authentication at the API gateway level (Zuul) in the staging environment. Since we are running our React app directly on localhost when developing (no Zuul gateway), the app is making calls to the staging API without being authenticated first (no auth cookie). This is causing our localhost setup to fail on requests to the API. We've tried a few solutions of injecting tokens into the browser or forcing them to be set in the app, but there are still issues with x-origin requests (from localhost to staging).

I'm starting to question our front-end dev setup. Due to the way our API is set up in our multiple live environments, it is difficult to run our API locally and connect to live DBs and middle-tier services. So, we'd prefer to find a way to make these requests from localhost to staging work.

We have both server-side and client-side requests (AJAX) that need to hit these services, and we are using axios for requests. I was thinking there might be a way of setting /etc/hosts and proxying requests, but I'm not sure how this is done.

Is there a recommended way to tackle local development setup for front-end apps when developing in a micro-service environment where there is authentication? Should we not be trying to hit a live API when developing locally? Any suggestions are appreciated.

One issue and one piece of advice come to mind.

  1. You might be hitting a Cross-Origin Resource Sharing (CORS) issue. Browsers prevent you from hitting a different domain to avoid malicious attacks unless the service allows this. For instance, if your frontend app runs in www.mydomain.com/app and the API in www.mydomain.com/api, there won't be a problem. However, if your frontend app runs on www.mydomain.com and the API on api.mydomain.com, the API has to explicitly allow requests coming from www.mydomain.com. The same goes for localhost, since it's seen as a different domain. The config depends on the kind of server you have and should be in its documentation.

  2. Most APIs nowadays follow the REST architecture, which makes APIs stateless. This means the API doesn't care about the state of the client. Unfortunately, that's not the case with cookies, because they have to be kept on both the server side and the client side, which is stateful. If you want to improve the design of your API, I recommend you use tokens, more specifically JSON Web Tokens (JWT). JWTs are stateless and cheaper to deal with for the server because there's no need to keep track of them. It works based on a digital signature generated by an encoding algorithm, and validation is done using a decoding algorithm. Here is a full comparison.
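
An added example (not part of the original answer) of the CORS configuration that point 1 refers to, for an Express-style API using cookie authentication: only exact, allow-listed origins are echoed back, and credentials are enabled for them. The origin values and the names `ALLOWED_ORIGINS`, `corsHeadersFor` and `cookieCors` are assumptions for illustration.

```javascript
// Added example: CORS handling for a cookie-authenticated API.
// Origins below are constructed placeholders, not values from the post.
const ALLOWED_ORIGINS = new Set([
  'http://localhost:3000',      // assumed local React dev server
  'https://www.mydomain.com',   // domain used in the answer's example
]);

// Decide the CORS response headers for a request's Origin header.
// Returns null when the origin is absent or not on the allow-list.
function corsHeadersFor(origin, allowed = ALLOWED_ORIGINS) {
  // Exact match only: prefix or substring checks would also accept
  // look-alike hosts such as "http://localhost:3000.evil.example".
  if (!origin || !allowed.has(origin)) return null;
  return {
    // With credentials, browsers reject "*", so echo the vetted origin.
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Express-compatible middleware (req, res, next); no extra packages needed.
function cookieCors(req, res, next) {
  res.setHeader('Vary', 'Origin'); // stop caches reusing one origin's response
  const headers = corsHeadersFor(req.headers.origin);
  if (headers) {
    for (const [name, value] of Object.entries(headers)) {
      res.setHeader(name, value);
    }
  }
  if (req.method === 'OPTIONS') {
    // Preflight: answer it here so it never reaches the route handlers.
    if (headers) {
      res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE');
      res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
    }
    res.statusCode = headers ? 204 : 403;
    return res.end();
  }
  // Non-preflight requests still run; without the headers above the browser
  // refuses to expose the response. CORS is not a server-side access control.
  next();
}
```

On the client, axios only sends the cookie on a cross-origin request when the request sets `withCredentials: true`.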

