Open UttamMarandi opened 2 years ago
The problem occurs because we are using passport-local strategy in backend. If it was passport-jwt this may be the correct frontend code. passport-local handles everything regarding authentication for us. We don't need to store the user or any "token" b.c there is none in our redux store. The reason I was using redux is to persist the user even if the page refreshes. But with passport-local we don't need to do that. passport-local creates a session and handles "persist" all in background.
//apiCalls.js
const login = (email, password) => {
request
.post(
"/auth/login",
{ email, password },
{
withCredentials: true,
}
)
.then((res) => {
const {
data: { user },
} = res;
console.log("user", user);
})
.catch((err) => {
console.log("err login", err);
});
};
//login.js
const handleClick = (e) => {
e.preventDefault();
login(email, password);
};
TAKEAWAYS =>Never store user info in redux store. Basically redux store along with redux persist uses localstorage to persist the data. This compromises the security of app. =>tokens, and non-sensitive data should be stored in redux.