- Front-end
- HTML| CSS| JavaScript| Vue.js
Latest Recommendations
-
Php8, I'm coming too
84669 person learning
- native foundation
- HTML| CSS| HTML5| CSS3| JavaScript
Latest Recommendations
-
Learn website layout in 30 minutes
152542 person learning
- Introduction to Fundamentals
- MySQL| SQL Server
Latest Recommendations
-
Shangguan Oracle Beginner to Proficient Video Tutorial
20005 person learning
Latest Recommendations
-
Your first line of UNI-APP code
5487 person learning
-
Flutter from scratch to app launch
7821 person learning
- Tool usage
- PhpStudy| Git| Other tools
Latest Recommendations
-
Brother Lian New Linux Video Tutorial
359900 person learning
Latest Recommendations
-
AXURE 9 Video Tutorial (Suitable for Product Manager Interactive Product Design UI)
3350 person learning
-
Zero Basic Proficiency PS Video Tutorial
180660 person learning
-
16 day UI video tutorial to get you started
48569 person learning
-
PS Techniques and Slicing Techniques Video Tutorial
18603 person learning
- Class Library Classification
- HTTP| TCP/IP| basic programming
Latest Recommendations
-
Alibaba Cloud Environment Construction and Project Launch Video Tutorial
40936 person learning
-
Overview of Computer Networks - Basic Knowledge that Programmers Must Master
1549 person learning
-
Essential Tutorial for Programmers - HTTP Protocol Explanation
1183 person learning
-
Websocket Video Tutorial
32909 person learning
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
First of all, you have to make it clear that there is no absolutely secure front-end. The main thing is that both the front-end and the front-end need to verify the token.
Generally, the front-end stores a token or the back-end writes a cookie to the customer service end.
Request interface At this time, it is either an automatic cookie or manually passed to the backend.
Determine whether the token has expired based on the feedback from the backend. The corresponding challenge goes to the login page.
1: There is no way, even if the browser remembers the password, it will be recorded in the browser data, and the user can also view it. The function of remembering the password is recorded locally. As long as the device is not taken away by others, then others I can’t get the password either
2: Our token is also recorded in localStorage
3: Yes, so the front-end architecture design is very important
Either remember the password in localstorage, or don’t do it and let the browser do it
Token is usually placed in a cookie. When verifying on the web page, whether you can log in can be directly judged by whether the page displays an avatar, etc. There is no need to judge whether the token has expired. When calling the server API, the server will verify whether you are actually logged in based on the token.