Finish porting realworld app #56
Comments
|
@Rich-Harris was there anything specific you had in mind as needing to be done still or should we close this? I just tested out the app and it looked to be working okay |
|
Sessions don't persist — you can't log in/out and reload the page — and most of the endpoints are still old-style |
|
Are sessions not persisting the result of that functionality missing in kit or just in the example? Regarding the endpoints, most even in the Sapper-version of the repo are loaded via |
|
All the In the previous version of the app we're using express session middleware with a FileStore, which is a bad solution at the best of times but a completely unworkable one in a serverless world. I think the easiest thing to do would be to store the JWT in a cookie. Re |
|
Since a JWT in a secure, httpOnly cookie is what I use on Beyonk, I'm happy to share what I can in order to further this solution. Certainly a stateless authentication solution is a great fit for serverless. |
|
I like JWT when it's just used for authentication. E.g. if it just stores the logged in username, id, token that makes sense to me. Where I start to get a little bit less comfortable with it is when people start using it for authorization or storing other data in there. E.g. rather than putting all user details in a cookie, I'd probably just fetch the user from the database on the user settings page Posting this here for reference: https://github.com/antony/sapper-authentication-demo If you want to take a stab at integrating it that sounds cool @antony ! 😃 |
|
Addressed in #290 |
No description provided.
The text was updated successfully, but these errors were encountered: