I am in process to design an application for a customer where the User Interface will be in Angular 6 and the back-end will be in the API.Now as I am using angular (SPA) I communicate with server though JSON and REST API. Now need your suggestions on the process to secure my API.
My Analysis -
1) Personal Access Token is not a good idea as the tokens are always long lived. I have already done a demo on the same.
2) Consuming Your API With JavaScript is may be a good option but it used cookies and it will be good approach or not I am not sure.
I am open for any good suggestions including other approach like JWT also if it's proves logical.
Thans in Advance.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire