You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've created a React app at https://acwpython.pythonanywhere.com/ that includes httpOnly session cookies and csrftokens that could also be set to httpOnly. I couldn't find any tutorials online for it, so I tried my best :P It basically stores the built static files in GitHub pages and allows for a monolithic like repo, allowing for both MPA and SPA like configuration. You can find the tutorial and repository at https://github.com/Andrew-Chen-Wang/SPA-with-sessions
Rationale
New feature, hopefully better security on the authorization end. That's pretty much it.
There was interest in #466 5 years ago and #1689, and a contributor also added the CORS package mainly for the JS frameworks at #2683. I think if we just get a bunch of UI to look the same as the current UI and get django-allauth integrated, more people can adopt this method of SPAs.
Particular Issue
So I maintain SimpleJWT which is what a lot of tutorials use for their SPAs: JWT authorization. The core way this all works is by using npm run build using a file watcher. Haven't gotten back a response from friends, but I'ma assume it's pretty slow. Something that I proposed to the group was to have local development use JWT authorization and production use session authorization. I'd have to make a package that creates a new middleware for people to access request.session. But by doing this split, you don't have to keep rebuilding the React app every time you change something. You can just use the regular React reloading. I think.
The text was updated successfully, but these errors were encountered:
Description
I've created a React app at https://acwpython.pythonanywhere.com/ that includes httpOnly session cookies and csrftokens that could also be set to httpOnly. I couldn't find any tutorials online for it, so I tried my best :P It basically stores the built static files in GitHub pages and allows for a monolithic like repo, allowing for both MPA and SPA like configuration. You can find the tutorial and repository at https://github.com/Andrew-Chen-Wang/SPA-with-sessions
Rationale
New feature, hopefully better security on the authorization end. That's pretty much it.
There was interest in #466 5 years ago and #1689, and a contributor also added the CORS package mainly for the JS frameworks at #2683. I think if we just get a bunch of UI to look the same as the current UI and get django-allauth integrated, more people can adopt this method of SPAs.
Particular Issue
So I maintain SimpleJWT which is what a lot of tutorials use for their SPAs: JWT authorization. The core way this all works is by using
npm run buildusing a file watcher. Haven't gotten back a response from friends, but I'ma assume it's pretty slow. Something that I proposed to the group was to have local development use JWT authorization and production use session authorization. I'd have to make a package that creates a new middleware for people to accessrequest.session. But by doing this split, you don't have to keep rebuilding the React app every time you change something. You can just use the regular React reloading. I think.The text was updated successfully, but these errors were encountered: