DuckMan435 / PortfolioViewer

0 stars 0 forks source link

Knockout and ajax? #2

Closed apryiomka closed 8 years ago

apryiomka commented 8 years ago

What would be the benefit of implementing login with AJAX and NockoutJS vs plain view models and no ajax? I have also noticed you set cookies for authentication (context.Request.Context.Authentication.SignIn(cookiesIdentity)), but all you use is the token. If token is present, you show the login form, if not, you hide it. Would it make sense to redirect the user to the login page and redirect back with the return URL? What if the token expires, would the user have to log back in or the login page will still be shown if the token is present in the current session (if the login done by JavaScript, how does the page know that the token is expired)?

DuckMan435 commented 8 years ago

I felt that there would be a speed improvement using AJAX and KnockoutJS vs regular View Models without AJAX. As for authentication, it would probably make more sense to have a separate login page with a return URL. Currently it is checking the sessionStorage for the token, if it exists, but to your point it will not have knowledge of it being expired.

apryiomka commented 8 years ago

The good idea for the user authentication of the web pages to use asp.net identity cookies (just like you do in your code via Authentication.SignIn), but for the API to use the token.