0

I want to have a simple authorization before accessing some webpages in Angular, not by using username and password but by using verification code. How am I gonna implement this to keep the user authorized within a certain amount of time?

I want to achieve this by first allowing user to enter an email id, then hit sent code button. Then the user will receive the code, and the user will type the code in the UI. If the code is right, the user will stay authorized for a certain amount of time. Ignore the backend part, how am I going to implement the frontend part along with routing guard? By using cookies, or localStorage? What should I store in them? More specifically when should I return true or false in the canActivate() method in the routing guard?

user8992154
  • 7
  • 2
  • You already mentioned two solutions to be used. You can store the token in a cookie for a limited time. Also LocalStorage or SessionStorage can be used. SessionStorage can be used for the browser session. If the user closes the browser, this session will expire. [This question can maybe help you](https://stackoverflow.com/questions/23312864/angularjs-sessionstorage-and-scope) – node_modules Jan 02 '19 at 21:16
  • Thank you for your comment. I understand the method in that post. But what I don't understand is that what if I manually put 'loggedIn = true' into the sessionStorage without enter the verification code, then the route become accessible when the user is not authorized. Can you explain further, thanks! – user8992154 Jan 02 '19 at 21:32

0 Answers0