Currently there's an auth route which handles setting up the user for the first time and keeping track of the CMS version for cache-busting our dynamic pages. Unfortunately there's a lot of overhead using this technique:
Separate request
Reliant on client for correct data
Extra client logic to decipher user id and CMS version
Authentication required on each API request
If we use a cookie for this information, we get the following benefits:
User is validated on each request automatically
User ID is generated server-side
Version is updated server-side (on index request only)
No logic necessary to discern version client-side; read-only.
User ID no longer required to be manually evaluated
There are in fact no downsides to using cookies for this process, other than the idea that a cookie is being used at all. Unfortunately most people have bad connotations with the idea of cookies, because they've been used to track users activities from site to site; this is not our goal. Cookies are simply a more efficient way to manage user interaction with the site.
Currently there's an auth route which handles setting up the user for the first time and keeping track of the CMS version for cache-busting our dynamic pages. Unfortunately there's a lot of overhead using this technique:
If we use a cookie for this information, we get the following benefits:
There are in fact no downsides to using cookies for this process, other than the idea that a cookie is being used at all. Unfortunately most people have bad connotations with the idea of cookies, because they've been used to track users activities from site to site; this is not our goal. Cookies are simply a more efficient way to manage user interaction with the site.