Should I make authentication request for every single page in app?









up vote
0
down vote

favorite












I am building application where I save JWT in cookies. The way I save JWT in cookies is secure, so I can't check it using JS script but only via http call. So when server returns my JWT from my cookies, I save it in store, but problem is when I refresh page. So there is my question.. imagine I enter web page in my app where I make no http request at all, but site header should be modified weather I am authorized or not. so should I make http call to check my JWT in cookies for every single page even though I make no request? or should I check JWT only during requests?



in simple words should I make additional requests to check my JWT?










share|improve this question



























    up vote
    0
    down vote

    favorite












    I am building application where I save JWT in cookies. The way I save JWT in cookies is secure, so I can't check it using JS script but only via http call. So when server returns my JWT from my cookies, I save it in store, but problem is when I refresh page. So there is my question.. imagine I enter web page in my app where I make no http request at all, but site header should be modified weather I am authorized or not. so should I make http call to check my JWT in cookies for every single page even though I make no request? or should I check JWT only during requests?



    in simple words should I make additional requests to check my JWT?










    share|improve this question

























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I am building application where I save JWT in cookies. The way I save JWT in cookies is secure, so I can't check it using JS script but only via http call. So when server returns my JWT from my cookies, I save it in store, but problem is when I refresh page. So there is my question.. imagine I enter web page in my app where I make no http request at all, but site header should be modified weather I am authorized or not. so should I make http call to check my JWT in cookies for every single page even though I make no request? or should I check JWT only during requests?



      in simple words should I make additional requests to check my JWT?










      share|improve this question















      I am building application where I save JWT in cookies. The way I save JWT in cookies is secure, so I can't check it using JS script but only via http call. So when server returns my JWT from my cookies, I save it in store, but problem is when I refresh page. So there is my question.. imagine I enter web page in my app where I make no http request at all, but site header should be modified weather I am authorized or not. so should I make http call to check my JWT in cookies for every single page even though I make no request? or should I check JWT only during requests?



      in simple words should I make additional requests to check my JWT?







      http security authentication cookies jwt






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 10 at 10:44

























      asked Nov 10 at 10:32









      O. Shekriladze

      356




      356



























          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function ()
          StackExchange.using("externalEditor", function ()
          StackExchange.using("snippets", function ()
          StackExchange.snippets.init();
          );
          );
          , "code-snippets");

          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "1"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53238069%2fshould-i-make-authentication-request-for-every-single-page-in-app%23new-answer', 'question_page');

          );

          Post as a guest



































          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















           

          draft saved


          draft discarded















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53238069%2fshould-i-make-authentication-request-for-every-single-page-in-app%23new-answer', 'question_page');

          );

          Post as a guest














































































          這個網誌中的熱門文章

          How to read a connectionString WITH PROVIDER in .NET Core?

          In R, how to develop a multiplot heatmap.2 figure showing key labels successfully

          Museum of Modern and Contemporary Art of Trento and Rovereto