Ocelot/Yarp a valid use-case for the following react/asp.net?
Hello there
I'm currently working on application and I want to use C# AspNet for the backend, and for frontend I want react.
Issue is regarding the security. I wanted to go with JWT access/refresh token, but try not to use localStorage, and only way would be to use http only cookies and I can only set that inside of C#
As the asp net project, and frontend are 2 different domains I cannot easily work with cookies between them.
Idea is to use Ocelot/Yarp to create following match:
route starts with /api -> redirect to my C# asp net project
everything else needs to go to the react side
So just a gateway
Then authentication would be easier as we can use one domain, and react will be able to fetch session from some route /session
Do you think I'm on the right track here, or any better ideas?
I'm currently working on application and I want to use C# AspNet for the backend, and for frontend I want react.
Issue is regarding the security. I wanted to go with JWT access/refresh token, but try not to use localStorage, and only way would be to use http only cookies and I can only set that inside of C#
As the asp net project, and frontend are 2 different domains I cannot easily work with cookies between them.
Idea is to use Ocelot/Yarp to create following match:
route starts with /api -> redirect to my C# asp net project
everything else needs to go to the react side
So just a gateway
Then authentication would be easier as we can use one domain, and react will be able to fetch session from some route /session
Do you think I'm on the right track here, or any better ideas?
