❔ Recommended Session Approach for WebApplication (React frontend, WebApi backend)
Hey everyone. I'm making a web application with a React frontend and a .NET WebApi backend. Was wondering what is the most recommended way of handling authentication/session that integrates with the [Authorize] attributes of WebApi? I was looking into JWT to try something new, however have seen posts about how it's not the best for handling user sessions and is mainly better for API to API integration. What would you recommend?
4 Replies
I'd just use regular ol' cookie-based auth
No need to get fancy, unless you want multiple other frontends created by 3rd party developers to also be able to connect
In that case, OAuth2 and may god have mercy on your soul
ok cool
Thanks for that
you could implement yourself some cookie-based auth with JWTs and use a decoding middleware in your backend, or you could even try to implement Auth0. I have had some success with it and it is relatively easy set up and manage, free, and you don't have to worry about storing password hashes etc...
Was this issue resolved? If so, run
/close - otherwise I will mark this as stale and this post will be archived until there is new activity.