-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Finish porting realworld app #56
Comments
@Rich-Harris was there anything specific you had in mind as needing to be done still or should we close this? I just tested out the app and it looked to be working okay |
Sessions don't persist — you can't log in/out and reload the page — and most of the endpoints are still old-style |
Are sessions not persisting the result of that functionality missing in kit or just in the example? Regarding the endpoints, most even in the Sapper-version of the repo are loaded via |
All the In the previous version of the app we're using express session middleware with a FileStore, which is a bad solution at the best of times but a completely unworkable one in a serverless world. I think the easiest thing to do would be to store the JWT in a cookie. Re |
Since a JWT in a secure, httpOnly cookie is what I use on Beyonk, I'm happy to share what I can in order to further this solution. Certainly a stateless authentication solution is a great fit for serverless. |
I like JWT when it's just used for authentication. E.g. if it just stores the logged in username, id, token that makes sense to me. Where I start to get a little bit less comfortable with it is when people start using it for authorization or storing other data in there. E.g. rather than putting all user details in a cookie, I'd probably just fetch the user from the database on the user settings page Posting this here for reference: https://github.com/antony/sapper-authentication-demo If you want to take a stab at integrating it that sounds cool @antony ! 😃 |
Addressed in #290 |
No description provided.
The text was updated successfully, but these errors were encountered: