Closed apryiomka closed 8 years ago
DuckMan435
commented
8 years ago I agree that it would make sense to validate the UI inputs for the user. It would help prevent the user from submitting invalid information and waiting for the authentication to reject them, making the overall experience better.
apryiomka
commented
8 years ago Yes, in real life app we would want to do both, the UI and the server side validation. UI validation is only needed for better user experience (as the experienced hacker can easily bypass it anyways), so the user doesn't have to wait for the server side code to return. Besides, we would not need to hit the server side with the invalid requests which means less load / traffic on the server.
Do you think it would be a good idea to validate the UI inputs on the login form for, say, required fields (user name and password) before submitting the page to the server (acquiring token)?