After the user types in credentials in the login page, I save the JWT token I receive from my server in local storage. How do I use this token when redirecting to a protected page using window.location.replace(url). Or is there another method I should be using? My backend is Flask, if that's important
Asked
Active
Viewed 1,566 times
1 Answers
0
You should send the JWT token in the header of every client request after successful login. On the backend just check if the header exists and that token is correct for the protected routes.
lekterable
- 889
- 1
- 9
- 18
-
How do you send the token in the header of a client request? I know how to do it with ajax for a get/post request for example but if I want to load a new, protected page that doesnt work because you can’t render_template from an ajax request. How do I pass it in the header when changing the href client side? – Hackerman Aug 07 '18 at 23:44
-
1It depends on what technology are you using. This is how i did it in angular: `$http.defaults.headers.common['X-Auth'] = token` – lekterable Aug 07 '18 at 23:53
-
Im using vanilla javascript and jquery for front end. Sorry I should have specified. Would you know the command using one of those (preferably jquery) – Hackerman Aug 07 '18 at 23:54
-
1I believe this might work: https://stackoverflow.com/a/14527484/8726546 – lekterable Aug 08 '18 at 00:01
-
The linked post didn't work. You can't use ajax to load a new url. That's why I'm trying to change the url through Javascript. How do I attach a header to a url change. Or if that doesn't work, what do other people do with JWT's when they want to change url's? – Hackerman Aug 08 '18 at 14:00