Research on frontend-side authentication strategies #19

rpmolina opened this issue Apr 25, 2023 · 0 comments
rpmolina commented Apr 25, 2023

Describe the feature

Frontend-side authentication refers to the process of verifying the identity of a user on the client side of a web application. There are several common strategies for implementing frontend-side authentication:

  1. Token-based authentication: This is the most common strategy for frontend-side authentication. The server generates a token (usually a JWT), which is then sent to the client and stored in local storage or a cookie. On subsequent requests, the client sends the token back to the server, which verifies it and allows access if the token is valid.
  2. Session-based authentication: This strategy stores user authentication information on the server in a session. When a user logs in, a session is created on the server and a session ID is sent to the client. On subsequent requests, the client sends the session ID back to the server, which verifies it and allows access if the session is still active.
  3. OAuth: This is a standard protocol for authentication and authorization. It allows users to authenticate with third-party services (such as Google or Facebook) and then use that authentication to access other applications. OAuth involves several steps, including obtaining an access token and using it to access protected resources.
  4. Single Sign-On (SSO): This strategy allows users to authenticate once and then access multiple applications without having to log in again. SSO can be implemented using several different protocols, including OAuth and SAML.
  5. Passwordless authentication: This strategy allows users to authenticate without using a password. Instead, users typically receive an email or text message with a one-time login link or code.

In general, token-based authentication is the most widely used strategy for frontend-side authentication because it is simple, secure, and scalable. However, the other strategies may be more appropriate depending on the specific requirements of your application. It's also worth noting that frontend-side authentication is just one part of a larger authentication and authorization strategy, which should also include backend-side authentication and other security measures.

Therefore, the idea of this issue is to focus on the frontend side and define some examples of how to implement these strategies, thinking about how we store the tokens or to which service and how to delegate this responsibility.

Use Case

Have different examples for future reference.

Proposed Solution

No response

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

Version used

Environment details (OS name and version, etc.)


@ulises-jeremias ulises-jeremias transferred this issue from nanlabs/nancy.js May 31, 2023
@ulises-jeremias ulises-jeremias moved this from 📋 Backlog to 🔖 Ready in NaNLabs public roadmap Jul 11, 2023
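
For the storage question raised in strategies 1 and 2 (token or session ID kept in a cookie rather than in local storage), here is an added example that is not part of the original issue or of the project's code. The function names `buildAuthCookie` and `auditSetCookie` and the sample header values are hypothetical and constructed for illustration; the cookie attributes themselves are the standard `Set-Cookie` ones.

```javascript
// Added example (Node.js). A value in localStorage is readable by any script
// running in the page's origin; a cookie set with HttpOnly is not exposed to
// page script at all, which is why the attributes below matter.

// Build a Set-Cookie header value for a token or session ID.
function buildAuthCookie(name, value, { maxAgeSeconds = 900, path = "/" } = {}) {
  if (!/^[\w!#$%&'*+.^`|~-]+$/.test(name)) throw new Error("invalid cookie name");
  // Reject characters that would let the value terminate or extend the header.
  if (/[\s";,\\\x00-\x1f\x7f]/.test(value)) throw new Error("invalid cookie value");
  return [
    `${name}=${value}`,
    `Max-Age=${maxAgeSeconds}`, // short lifetime limits the value of a stolen cookie
    `Path=${path}`,
    "HttpOnly",                 // hidden from document.cookie
    "Secure",                   // only sent over HTTPS
    "SameSite=Strict",          // not attached to cross-site requests
  ].join("; ");
}

// Audit a Set-Cookie header value and list the missing protections.
function auditSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const flags = new Map(attrs.filter(Boolean).map((a) => {
    const i = a.indexOf("=");
    return i === -1 ? [a.toLowerCase(), ""] : [a.slice(0, i).toLowerCase(), a.slice(i + 1)];
  }));
  const findings = [];
  if (!flags.has("httponly")) findings.push("missing HttpOnly");
  if (!flags.has("secure")) findings.push("missing Secure");
  const sameSite = (flags.get("samesite") || "").toLowerCase();
  if (!sameSite) findings.push("missing SameSite");
  else if (sameSite === "none") findings.push("SameSite=None (sent on cross-site requests)");
  return { name: pair.split("=")[0], findings };
}

// Constructed sample values: a weak header beside the hardened one.
const WEAK_HEADER = "token=abc.def.ghi; Path=/";
const HARDENED_HEADER = buildAuthCookie("session", "abc.def.ghi");

console.log(auditSetCookie(WEAK_HEADER));
console.log(auditSetCookie(HARDENED_HEADER));
```
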