Closed Jenan closed 7 years ago
sure, your idea would also work just fine.
@maxmantz I have a question about JWT - I've used the server rendering for react&redux app and I've wondered if is safe render JWT into html hidden field and read this token from hidden field? What do you think about rendering JWT into HTML hidden input?
Why do you want to do that?
I have a JWT token store in cookie on the server and I want to use the redux and react rendered from server because it's faster in initial application start. If I want to render react-redux app from server the way for passing the data from server to the client it is pass like this:
<script type="text/javascript">
window.__initialState__ = @Html.Raw(JsonConvert.SerializeObject(Model, new JsonSerializerSettings
{
NullValueHandling = NullValueHandling.Ignore
}));
</script>
const store = createStore(combineReducers({
app: commonReducer
}), (window as any).__initialState__ ,applyMiddleware(logger));
Render JWT into window.__initialState__
like this?
What do you think about it?
It seems a little complicated to me, but if it works for you, then sure, go ahead...
I'm happy to help with questions about the usage of this library. But please understand that I'm not a consultant and don't have the time and resources to answer questions beyond that.
Here redux-oidc-example/src/utils/request.js is example how get the access token from redux store and the redux store is shared in import:
Is it good way to do this? Could be better pass the access token like a parameter and connect the oidc key into component?
Thanks for your opinion. :)
Token pass as paramater:
And in component use connect method with:
Pass the access token from component into action creator and call the api with this paramater.