Shail
KPCKevin Powell - Community
•Created by Shail on 5/4/2024 in #front-end
Need guidance/advice on implementing security in my react js app.
Need guidance/advice on implementing security in my react js app.
I have a spring boot backend (monolitihic) application. It uses Spring security with Jwt token to implement security. When a user logs in, the app returns the Access and Refresh token in cookie.
In the react app, i have created a PrivateRoute component to validate if the user is authenticated before loading protected routes. But in the component I am not able to figure out how do i validate if the user is actually authenticated. Do I just check if the browser has the cookie or not or should i send the cookie back to server to validate if token is valid or not?
Also, If there is a better way of implementing security in frontend please advise
1 replies
KPCKevin Powell - Community
•Created by Shail on 11/17/2023 in #front-end
How to handle JWT token cookie from backend in React
Hi Everyone,
Need some guidance on a issue I am stuck on. I am mostly a backend developer and new to Frontend.
I am working on a service which has Spring Boot app as a backend; which is secured with Jwt token that is returned in HTTP Cookie. It has /login, /refresh-token endpoints to login and refresh expired tokens.
In frontend side, I am using React JS. I am able to integrate my frontend service with backend if there is no security aspect involved (i.e, when I turn off spring-security in backend). Now I want to integrate the security part but I am not able to figure it out what needs to be done, where should I start. How the token flow will happen.
I have tried to do some research but most of the examples I saw are using a boolean flag isAuthenticated stored in local storage which doesn't seems correct.
Could you please provide some guidance. Thanks
1 replies