hi guys,
i am using react-router-dom for navigation. once the login success am redirecting my page to dashboard page .this works fine.
if i change the url in address bar without login it redirects to dashboard.this is a security issue .i have fixed this by storing a flag in localstorage and check when ever the url is changed and this fix the issue .but i feel this as older method.
any other way to fix this?
I've done similar to Aakash, except I use sessionStorage to keep the token. Then, I have a componentWillMount() on security critical views that sends the token to the server for verification, and redirects if it's expired.
Aakash Mallik
S/W Engineer @ Samsung R&D Delhi
As far as my implementation goes, we too stored a token in the local storage and check against this value to find out if the user was logged in or not, on top of that, we modified the Route component and created a ProtectedRoute that would implement this logic of checking whether a given route is a valid one as per the token value, if it were not, we would render the Redirect component as mentioned in the react-router-dom docs. I don't think there is anything smart to be done here... Ask me more if I haven't made myself clear.