Session storage React, Firebase. How to organize?

J

Jura Semenenko2018-10-21 20:16:21

JavaScript

Jura Semenenko, 2018-10-21 20:16:21

I am writing a training project on React as a database and use Firebase for authorization.
Authorized users have access to a personal account with unique content for each, which must be pulled from the database.
When you reload the page, you have to log in again. Right now I'm thinking what are the options for organizing session storage.
A simple way that comes to mind is storing data of the type in localstorage:
- isAuth: true / false
as well as a unique id that Firebase gives:
uid: NcefVvDqfHXqrj0IlvzfmLb2
Draw private pages by flag, pull the necessary information about the user from the database by id.
But in this case, the user is technically sort of not logged in after reloading the page...
What are the options to organize this process?
Thanks in advance for your advice.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Sasha, 2018-10-22
@sem9ndos

An easy way that comes to mind is storing data like this in localstorage:
- isAuth: true/false

It is not necessary to do this, because the attacker can set this flag at his discretion (although in this case it will not give him anything).

as well as a unique id given by Firebase:
uid: NcefVvDqfHXqrj0IlvzfmLb2

You can store only a unique id in localstorage and "pull" information on it. If id is valid - give content. If the id is not valid, send {'status':'unathorized'} and send login.
And it is better of course to use JWT.