Closed mazondo closed 10 years ago
Looking at this again, I think maybe we have doLogin()
store the user reference in a cookie only, and then add to the client init code that will check for a user reference and create a currentUser or userData object.
this will work well for the current implementation, but I'll need to keep it in mind for the login window implementation later.
done.
I think that we should push the responsibility of loading the user data into
doLogin()
or somewhere similar. The reason is two-fold:doLogin()
manuallydoLogin()
will store the user data in it's entire form as a cookie. Seems unsafe as the user data will potentially have auth information/user data as well. I like the idea of storing the user reference as a cookie and then loading it into the app on startup and storing it in memory, that way if the auth code is invalidated the user data is protectedThoughts?