AngularJS with Flask authentication -


i'm building web app using angularjs , rest-api build flask framework.

the app consists of 2 parts:

  • a part users don't have logged in: can register, login, check out features...

  • a part users have logged in.

to keep things simple thinking separate these 2 parts in 2 angular apps , let flask direct right app according being logged in or not.

i wondering if approach? think can keep authentication pretty simple.

i'm not sure 2 separate apps idea.

it seems have fair amount of duplication if way, because don't think 2 apps mutually exclusive. @ least, imagine public options available when user logged in, right? means chunk of public application, client , server-side, have part of protected application. sounds hard maintain.

also consider user experience. user have download entire new application @ login , logout time, @ least first time until gets in browser's cache. depending on size of application few seconds of waiting.

the standard approach have 1 angular app , 1 flask app. angular app begins , shows available options, , depending on user angular sends ajax requests flask.

if user tries requires login, flask respond code 401 error. angular can show login dialog login credentials , submit ajax request again, credentials, maybe http basic authentication on secure http. on angular can attach login credentials requests, user can use options.

if don't want send login info every request, can have get_auth_token endpoint in flask app takes credentials , sends token angular. angular can attach token subsequent requests.

the logout option in angular drops credentials and/or token become unauthorized again.

i explain of these ideas more detail in this answer. though context in question node.js principles apply flask well.

you can check out tutorials on topic. i'm using flask on server , knockout.js on client, concepts should translate directly if use angular instead of knockout. here 3 of them:


Comments

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

gcc - Calling fftR4() in c from assembly -

.htaccess - Matching full URL in RewriteCond -