In the framework of frontend and backend separation, how does one perform unauthenticated redirection?

Source: Internet
Author: User
In a framework with frontend and backend separation, backend requests are generally routed to the backend's directory through nginx configuration, and frontend requests are routed to the frontend's directory. Now we have an authentication feature. What we need to achieve is that for every request sent, whether it is a frontend request or a backend request, we first determine whether the user is logged in; if not, we jump to the login homepage.
1. In general, authentication is done by the backend, and the page jump is done by the frontend. How can we combine these two steps?

  1. When the frontend and backend are not separated, a hook is usually set during framework initialization to determine whether the user is logged in.

  2. I think the solution after separation should be that the backend still performs the authentication check on each request and only returns a result, without jumping. Then the frontend framework module requests the authentication interface before initialization. If the authentication fails, the login page is displayed.

If you have any experience, please give some advice on how to perform this authentication in the separation scenario.

Reply content:

The frontend generally transmits data in JSON format. If JSON is used, this can be done.
Return: {code: "successful", data: "data to be retrieved", info: null}
When verification fails, return: {code: "failed", data: null, info: "No access permission"}
The frontend checks the code value after receiving the message. As for the jump, the frontend decides according to its own business logic.

My implementation method is:

After logging in, the frontend saves the token (the backend can use JWT, or save it in redis or mysql; the frontend saves it in localStorage or a cookie).

For each frontend request to an interface that requires Authorization (login), the token is checked for validity (including whether it has expired). If it is invalid, 403 and an error message are returned. The frontend uses a Service base class (for example AdminService) to catch 403, or writes a global filter to capture 403.

With frontend and backend separation, the frontend caches a login status and then carries this status code each time a request is sent. The backend determines whether the login status has expired. That is roughly how it works.

It's easy. For example, for background projects, we all know that the system can only be accessed after a successful login. How is authentication performed throughout the process?

  1. The backend filters all incoming requests to verify that the user has logged in. If the user is logged in, the request continues and is left alone. If the user is not logged in, it jumps directly to the login page.

  2. For the frontend, each route jump also needs to be verified. For example, before opening a page, an ajax request is sent to the backend for verification. If verification passes, the page is displayed; if not, it jumps to the login page.

  3. How to verify: while the user has not logged in, no cookie is written to the browser. After the user logs in successfully, the cookie is saved to the browser and the user's session is saved on the server; the cookie in the browser is the session key.

Our company has recently completely separated the front and back ends. The specific method is very simple. For example, if a page requires login verification, the frontend directly requests the backend. The backend checks whether the user is logged in. If logged in, it returns a status: status is success, plus data. If not logged in, it returns a fixed status: status is fail_401.

If a page has no data to request, we provide a general interface that is requested when the page is accessed. If it passes, the user stays on the current page; if it fails, it jumps directly.
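
The pattern the replies above describe, as an added example that is not part of any reply: the backend checks the token on every request and answers with a status instead of redirecting, and one frontend handler turns that status into the jump to the login page. The HMAC token format, the secret, the function names and the use of HTTP 401 as the "not logged in" signal are assumptions of this example.

```javascript
// Added example: hypothetical names, constructed secret and token format.
const crypto = require("crypto");
const SECRET = "constructed-demo-secret"; // assumption: real code loads this from config
const sign = (payload) =>
  crypto.createHmac("sha256", SECRET).update(payload).digest("base64url");

// Backend, at login: token = base64url({sub, exp}) + "." + HMAC of that payload.
function issueToken(sub, ttlMs, now = Date.now()) {
  const payload = Buffer.from(JSON.stringify({ sub, exp: now + ttlMs })).toString("base64url");
  return payload + "." + sign(payload);
}

// Backend filter for every API request: it answers with a status and never redirects.
// The signature is verified before anything inside the payload is trusted.
function authFilter(headers, now = Date.now()) {
  const deny = (info) => ({ status: 401, body: { code: "failed", data: null, info } });
  const m = /^Bearer ([\w-]+)\.([\w-]+)$/.exec(headers.authorization || "");
  if (!m) return deny("not logged in");
  const given = Buffer.from(m[2]);
  const want = Buffer.from(sign(m[1]));
  if (given.length !== want.length || !crypto.timingSafeEqual(given, want)) {
    return deny("invalid token");
  }
  const claims = JSON.parse(Buffer.from(m[1], "base64url").toString());
  if (claims.exp <= now) return deny("token expired");
  return { status: 200, body: { code: "successful", data: { user: claims.sub }, info: null } };
}

// Frontend: the single place every API response passes through ("global filter").
// storage and navigate are injected (localStorage and the router in a browser).
function handleApiResponse(res, { storage, navigate }) {
  if (res.status === 401) {
    storage.removeItem("token"); // drop the stale token
    navigate("/login");          // the page jump is the frontend's decision
    return null;
  }
  return res.body.data;
}

// Constructed run: one valid request, then the same token after it has expired.
function demo() {
  const jumps = [], store = new Map();
  const ctx = { storage: { removeItem: (k) => store.delete(k) }, navigate: (p) => jumps.push(p) };
  const t0 = 1_000_000;
  const token = issueToken("alice", 60_000, t0);
  store.set("token", token);
  const ok = handleApiResponse(authFilter({ authorization: "Bearer " + token }, t0 + 1), ctx);
  const late = handleApiResponse(authFilter({ authorization: "Bearer " + token }, t0 + 60_001), ctx);
  return { ok, late, jumps, tokenKept: store.has("token") };
}
```

Frontend route checks only decide what the user sees; access is decided by `authFilter` running on every backend request.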
