Today even when single page applications are so common. I am not able to find a well defined way to do authentication with a backend server that provides JWT.
I read this article which talks about not using local storage and using cookie instead.
I would like to know how you do authentication on your web app and what is the secure and easy way which you recommend for this?
It's actually pretty simple. For logging in, you get the credentials from the user on the page, and store them in variables. Then, you make a request to your server, and that server sends back a JWT (JSON Web Token) if the credentials were correct. You can use that JWT for further requests needing authentication so you don't need to provide username and password for every request.
Local storage and cookies basically do the same thing, they store data on the client. You use those data stores to save your token, so you don't need to get a new JWT every time you open the site.
As you've added VueJS to your tags, here's a guide for that framework (you'll probably need to scroll down a bit to get to the authentication parts):
auth0.com/blog/build-an-app-with-vuejs
Have fun!
If you're using React and Redux, this tutorial explains the concept of logging in with an API pretty well: auth0.com/blog/secure-your-react-and-redux-app-wi… They also offer their own authentication server if you need one. Never tried it thought so YMMV.
Full Stack Developer
Jay Gandhi
Knows JS, Python & Ruby. Learning Go.
We were using angular v1 in my previous job. For authentication we used to store JWT in cookies docs.angularjs.org/api/ngCookies/service/$cookies and used httpInterceptors docs.angularjs.org/api/ng/service/$http we can able to intercept requests before they are handed to the server and responses before they are handed over to the application code that initiated these requests.
interceptors are used to inject jwt token in every request for authorization.