0

I am using the amazon-cognito-identity-js library in an express/node backend to handle all authentication. Basically, when I try to log in on my front end, it logs me in and persists the state without ever storing tokens in localstorage. Is this happening because I implemented the library in the backend, so all the session data is being stored on the server? I don't pass tokens from the backend to the frontend. Is it a good approach? I understand this library was meant for the frontend, but it seems like it is working in the backend too?

1 Answer

0

I'm not sure how you have implemented this in the backend. Doesn't it just overwrite sessions as multiple users log in? This is why it was designed to be implemented on the front end. If you want your backend to handle authentication, then you are passing credentials to your backend, which might not be a good idea. But if you still want to go with this approach, then you can write an API that accepts credentials and returns tokens. Do it without the SDK and don't store any tokens. On the front end you can store tokens in localstorage if you want.

Ninad Gaikwad
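The stateless API the answer describes, sketched as an added example that is not part of the original answer: it calls Cognito's `InitiateAuth` operation over plain HTTPS and keeps every value in per-request local variables, so one user's login cannot overwrite another's and no token remains on the server. The function names, the region and the client ID are hypothetical, and it assumes an app client with no client secret and the `USER_PASSWORD_AUTH` flow enabled.

```javascript
// Added example: stateless login against the Cognito InitiateAuth API, no SDK.
// Assumption: the app client has no secret and allows USER_PASSWORD_AUTH.

// Build the raw HTTPS request for InitiateAuth (hypothetical helper name).
function buildInitiateAuthRequest(region, clientId, username, password) {
  return {
    url: `https://cognito-idp.${region}.amazonaws.com/`,
    options: {
      method: 'POST',
      headers: {
        'Content-Type': 'application/x-amz-json-1.1',
        'X-Amz-Target': 'AWSCognitoIdentityProviderService.InitiateAuth',
      },
      body: JSON.stringify({
        AuthFlow: 'USER_PASSWORD_AUTH',
        ClientId: clientId,
        AuthParameters: { USERNAME: username, PASSWORD: password },
      }),
    },
  };
}

// Per-request login: all state lives in local variables, so concurrent
// users cannot overwrite each other and nothing is kept after the response.
async function login({ username, password }, { region, clientId }, fetchImpl = globalThis.fetch) {
  if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) {
    return { status: 400, body: { error: 'username and password are required' } };
  }
  const { url, options } = buildInitiateAuthRequest(region, clientId, username, password);
  const res = await fetchImpl(url, options);
  const data = await res.json();
  if (!res.ok) {
    // Cognito reports failures such as NotAuthorizedException; return one
    // generic message so the caller cannot tell which part was wrong.
    return { status: 401, body: { error: 'authentication failed' } };
  }
  if (!data.AuthenticationResult) {
    // A challenge (MFA, new password required) came back instead of tokens.
    return { status: 409, body: { challenge: data.ChallengeName, session: data.Session } };
  }
  const { IdToken, AccessToken, RefreshToken, ExpiresIn } = data.AuthenticationResult;
  return { status: 200, body: { IdToken, AccessToken, RefreshToken, ExpiresIn } };
}
```

In an Express route this would be called as `login(req.body, cfg)` with the result written straight to the response; serve that route over HTTPS only and keep request bodies out of the logs, since they contain the password.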