L
L
LinuxGod2020-04-13 14:03:57
JavaScript
LinuxGod, 2020-04-13 14:03:57

The principle of authorization using canvas (how to implement)?

It is required to implement a system that could recognize users without localstorage, cookies and everything like that.
When a user enters a login and password using canvas fingerprint technology, a key is created by which tokens, cookies and everything else are loaded into the browser.
For greater certainty, you can have the client bludgeon the server with its fingerprint until it gives it everything it needs in a loop.

Even if localstorage is cleared, then when the connection is resumed, after 1-2 seconds, cookies will load the server.

Tell me, does anyone have experience in this kind of authorization system, can anyone advise what? Whether who can result arguments why the given method of check of the user is bad?

(This type of authorization uses the VKontakte service on top of the standard oAuth, you can verify this by deleting localstorage and refreshing the page - as you can make sure we have not logged out of the account. Therefore, VK can recognize people by some other criterion)

Any information is useful. Thank you for attention.

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question