what is the purpose of react protected routes?
shouldn't routes be protected at the server end?
16 Replies
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
so you don't protect it at the server but you protect it in the front-end?
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
If a route needs to be protected, it needs to be protected on both ends. On the FE to somewhat limit what most users will see and interact with. On the BE to ensure that somebody that has a bit more knowledge, doesn’t go and access something he shouldn’t.
Security is never a “do only this and don’t do that”
so the protected route is only a way to let user know that he's not authorised, without hitting the server to get that info?
I’ve yet to hear about an app, where overly securing anything has had a negative impact.
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
makes sense
This is basically what I said, but with less words than what I used.
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Ah no. What I meant is that on the BE, you also make sure that the user has the access he is requesting. This Igor me means both authorization and authentication
It’s never an either or.
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
can you answer me please, what is react private/protected routes for?
Do you want specific examples?
Because if you want examples of when to use it, google it.
You’ll see tons of explanations on what you can do with protected routes
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
ok I was right, react protected routes. are only for letting the user know that he can't access a certain route without hitting the server