VueJS JWT Auth with Rails APIs and LocalStorage Discussion
Great video, Chris!
I'm really enjoying the whole API series and I'm excited to see more Vue!
Great job as always.
The only piece I missed actually was ES2015 syntax.
Why not hook into the new non-jQuery rails UJS driver for the submit handling?
You can still do that if you want to, I just wouldn't recommend it because you might as well just use UJS only and no frontend framework then.
Great idea to combine Rails Api + VueJs..
Can you give me an idea how to 'logout'?
Something like... localStorage.removeItem?
Logout is as simple as deleting the token from localStorage and the Vue state. Ideally, you'll want expirations on your tokens ideally so that they can be invalidated after a time. This is the same thing that Rails session cookies do for logout as well so it's nice and similar.
Thanks for that fast replay...
I am just beginning with VueJs..
So I found this working for me..
<script type="text/x-template" id="logout-template">
Are you planning to do any react front end sessions? I know you're tired of authentication, but I'd love to see you do some work in react so that I can get a feel for how to use it with rails in the back end. I'm getting a lot out of this series. Something is preventing me from commenting on episode 6, but I'd love to learn more about AMS too
An other way to prevent default when clicking on the submit button is: <button v-on:click.prevent="submit" [...]="" this="" takes="" benefit="" from="" some="" of="" vue="" features="">
Definitely a little late for this, but how are routes handled? Vue (or Vuex) would handle them I suppose, right?
For example: I login, get redirected to a given page. I think that'd be Vuex, but I read that (for some reason) Rails should provide matching routes. I haven't found enough implementations on Rails APIs with Vue to be certain though.
Hello Chris. Isn't it a bad idea to store session tokens in localStorage, security-wise? They become vulnerable to XSS. Probably a secure cookie with httpOnly it's better.
Yeah, and I recommend using cookie auth for in-browser API authentication. You might as well take full advantage of the browser's security if you've got it.
Could you explain this a bit more @chirs ?
"and I recommend using cookie auth for in-browser API authentication"
Isn't the video explaining how to use JWT Tokens for auth in-browser?
chris, I need your help about actioncable and redis.
I signedup here to talk with you.
I read your good post on actioncable.
I am sorry to bother you.
How can I send you my scripts to check out.
I hired one to make website.
But it does not load realtime data.
I think actioncable websocket is not working.
Can you help me ?
my email is email@example.com.
Really enjoy your courses Chris!
When a full course VueJS v2 + Rails 6? :-D