
I am building a card holder application in which the UI is in Angular 4 and the backend is a Spring REST service. There is a login screen, so once the user logs in he can see other screens like transaction history, currency list, currency rates, etc.

Now, my challenges are: (1) How to encrypt the username and password to protect them from hacking. (2) How to maintain a user session, as I have the UI in Angular and the backend in Spring REST (Java).

Please help

1 Answer

Based on the definition, REST APIs are stateless, so there is no session or stored values. You need to have something like a JWT token:

1 - when the user logs in, in the login request you send the username and password to the backend

2 - the backend authenticates the user, generates a JWT token and sends it to the frontend

3 - you keep this token in memory (in an Angular service or ngrx store)

4 - on other requests to the server, add the token in the header

5 - the backend receives the token, deserializes it, and knows which user is calling the API

Also, your backend can check whether the auth token is present and return 401 if it is not; then in your frontend, if you receive a 401, redirect to the login page, and the rest is the same as above.
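The five steps and the 401 rule above, as an added example that is not part of the original answer, written in plain Node.js JavaScript rather than Spring or Angular so that it runs stand-alone. The secret, the function names, the HS256 signing choice and the `exp` expiry claim are assumptions; the password check in step 2 is left out.

```javascript
const nodeCrypto = require("node:crypto");
// Constructed demo secret (assumption); a real backend loads it from configuration.
const SECRET = "demo-secret-change-me";
const b64url = (data) => Buffer.from(data).toString("base64url");
const sign = (data) => nodeCrypto.createHmac("sha256", SECRET).update(data).digest();

// Step 2: after the credentials are checked, the backend issues a signed token.
function issueToken(username, ttlSeconds, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ sub: username, exp }));
  return `${header}.${payload}.${b64url(sign(`${header}.${payload}`))}`;
}

// Step 5: check the signature and expiry before trusting any claim in the token.
function verifyToken(token, now = Date.now()) {
  const [header, payload, sig, extra] = String(token).split(".");
  if (!header || !payload || !sig || extra !== undefined) return null;
  const expected = sign(`${header}.${payload}`);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length) return null;
  if (!nodeCrypto.timingSafeEqual(given, expected)) return null;
  try {
    // Accept only the algorithm this backend issues.
    if (JSON.parse(Buffer.from(header, "base64url")).alg !== "HS256") return null;
    const claims = JSON.parse(Buffer.from(payload, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now / 1000 ? claims : null;
  } catch { return null; }
}

// Step 4 and the 401 rule: hypothetical handler for a protected endpoint.
function handleRequest(headers, now = Date.now()) {
  const m = /^Bearer (.+)$/.exec(headers.authorization || "");
  const claims = m && verifyToken(m[1], now);
  return claims ? { status: 200, user: claims.sub } : { status: 401 };
}

// Step 3: the client keeps the token in memory only and attaches it to each call.
function makeClient() {
  let token = null;
  return {
    login: (t) => { token = t; },
    call: (now) => {
      const res = handleRequest(token ? { authorization: `Bearer ${token}` } : {}, now);
      if (res.status === 401) token = null; // caller redirects to the login page
      return res;
    },
  };
}
```

Because every backend instance that holds the same secret can verify the token on its own, no shared session store is needed between instances.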


8 Comments

Thank you very much. But I cannot send the plain username and password. I have to encrypt it before sending it to the backend. How will the session be maintained among the different instances of the same service (which is a microservice architecture)?
You can send the user password plain as long as your website is HTTPS.
Plain usernames and passwords can be hacked .......... correct? And how does HTTPS save my plain username and password?
Nobody can sniff the user password if you are on HTTPS.
When you say sniff, what does it mean? Can you please give me some Google link to read on this?