2

I am developing a web app in which I'm going to use React as the front-end and Django as the back-end.

But the thing is that my front-end part is on a different server and the back-end part is on a different server, and I want to communicate between them through the API.

I want to know how I can authenticate users and get authenticated users from the back-end to the front-end.

I was thinking about these options:

-> Should I use token authentication?

-> Should I use session authentication?

-> Should I use JWT authentication?

I am confused because there is also a problem: where will I store the auth token in React?

Also a problem: does session authentication really work between 2 different servers?

  • I had the same thoughts about a week ago, and after a lot of research, the best (that I could find; there could be other opinions about it) is the use of JWT (lots of advantages, and security-wise). Connect them using Corsheader from the Django side and Axios from the React side (where you can/will write down the URLs, so whatever server they are on they will communicate). Commented May 7, 2021 at 23:31

1 Answer

1

Yes, authentication should work between two different servers, if you set it up correctly.

The type of authentication you should use depends on your use case. You should choose the one that best suits your needs.

As for storing the token, it also depends:

  • If you have a short-lived JWT, you could store it in local storage, but it is vulnerable to XSS attacks.

  • If you have a longer-lived JWT, you could store it in a cookie with the HTTP-Only and Secure flags enabled. But this means that your frontend and backend must be on the same domain.

But again all of this depends on your particular use case.

Finally, since you mentioned that the backend and frontend are on different servers, I am assuming that they are hosted on different domains or subdomains. If this is the case, be sure to configure CORS on your backend so that you can receive requests from the React app.
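As an added example (not part of the answer above, and not Django's or any CORS package's own code), this sketch shows the response headers a backend has to produce so that a React app on another origin can log in with an HTTP-Only, Secure cookie. It uses only the Python standard library; the origin `https://app.example.com`, the cookie name `auth` and all function names are assumptions.

```python
from http.cookies import SimpleCookie

# Assumed front-end origin for illustration; list the real React origin(s) here.
ALLOWED_ORIGINS = {"https://app.example.com"}


def cors_headers(request_origin):
    """CORS headers for a credentialed request, or {} when the origin is not allowed."""
    if request_origin not in ALLOWED_ORIGINS:
        return {}  # no CORS headers: the browser refuses to expose the response
    return {
        # Browsers reject "*" when credentials are sent, so echo the exact origin.
        "Access-Control-Allow-Origin": request_origin,
        "Access-Control-Allow-Credentials": "true",
        # Stops a shared cache from replaying one origin's response to another.
        "Vary": "Origin",
    }


def auth_cookie(token, max_age=900, cross_site=False):
    """Set-Cookie value for a token that page JavaScript cannot read."""
    cookie = SimpleCookie()
    cookie["auth"] = token
    morsel = cookie["auth"]
    morsel["httponly"] = True   # not visible to document.cookie, limits XSS token theft
    morsel["secure"] = True     # only sent over HTTPS
    morsel["path"] = "/"
    morsel["max-age"] = max_age
    # Subdomains of one site can use Lax. Unrelated sites need SameSite=None,
    # which removes the cookie's built-in CSRF protection, so state-changing
    # endpoints then need their own CSRF check.
    morsel["samesite"] = "None" if cross_site else "Lax"
    return morsel.OutputString()


def login_response_headers(request_origin, token, cross_site=False):
    """Headers for a successful cross-origin login; {} if the origin is rejected."""
    headers = cors_headers(request_origin)
    if headers:
        headers["Set-Cookie"] = auth_cookie(token, cross_site=cross_site)
    return headers
```

On the React side the request must opt in to sending cookies (`withCredentials: true` in Axios, `credentials: "include"` in `fetch`), otherwise the browser drops the cookie on cross-origin calls.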
