0

Information:

Using - Angular6 (frontend), plain PHP (backend), MySQL (db), Postman (testing)

Domains: http://frontend-domain.com; http://backend-domain.com

http://frontend-domain.com directory structure:

app (default angular app)
|_node_modules
|_src
|_...

http://backend-domain.com directory structure:

app
|_api
|  |_contract
|     |-contract.php (waits for incoming POST requests)
|_config
|  |-Database.php (database class with db connection data and function connect())
|_models
  |-Contract.php (contract class with sql queries)

Situation:

I do not have any connection problems or any query problems. I am able to request the backend (api) successfully.

I am working on a login authentication and I used localstorage to save an auth_token. I need it to verify that the user is logged in and allowed to see the dashboard. Now I have read that using localstorage is bad.

Question(s):

If I am not allowed to save data in localstorage how else shall I identify the current user on a specific client?

-> Someone said to use the session on server side: I was thinking about "how will this work?" => It didn't work. Even the php $_COOKIE did not work. I also tried to implement the whole backend folder in the angular app (app/src/backend). The requests were still successful but the sessions and cookies still did not work. What else shall I do?

How is the combination of frontend and backend in my example? Should I use an internal backend on the same domain where the frontend sits or should I keep it? Is it recommended to split it like I did?

Did I even get it? Is this how a backend is built? Or is this just a simple (public) api?

Alex Schwifty
  • 59
  • 3
  • 11

2 Answers

3

It's not a good practice to keep your backend in your angular app. The approach you did before is good: keeping your backend and frontend separate. In that case you can use multiple languages and connect them with your angular app through REST APIs.

Regarding saving the token in localStorage: I think it's not bad. But if you are still uncomfortable with that, try to save your token in browser cookies. Have a look at this answer, it might help: Is it safe to store a jwt in localStorage with reactjs?

Ali Wahab
  • 482
  • 6
  • 13
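
For a session or token cookie to work between two domains like the ones in the question, the backend has to answer with credentialed CORS headers and mark the cookie for cross-site use. The sketch below is an added example, not code from the question or from either answer; the file name, the demo account and HTTPS on both domains are assumptions.

```php
<?php
// Added example, not the asker's code: hypothetical app/api/auth/session.php on the backend.
// Assumes PHP >= 7.3 and HTTPS on both domains (a SameSite=None cookie must be Secure).
const ALLOWED_ORIGINS = ['https://frontend-domain.com']; // exact origins, never '*'

$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
$originOk = in_array($origin, ALLOWED_ORIGINS, true);
if ($originOk) {
    header("Access-Control-Allow-Origin: $origin");
    header('Access-Control-Allow-Credentials: true'); // required when the request carries cookies
    header('Access-Control-Allow-Headers: Content-Type');
    header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
    header('Vary: Origin');
}
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { // CORS preflight, sent without cookies
    http_response_code(204);
    exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$originOk) { // CSRF check on state changes
    http_response_code(403);
    exit;
}

session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,   // HTTPS only
    'httponly' => true,   // not readable from JavaScript
    'samesite' => 'None', // frontend and backend are different sites
]);
session_start();
header('Content-Type: application/json');

// Constructed demo account; a real backend would look the user up in MySQL.
$demo = ['user' => 'demo', 'hash' => password_hash('demo-password', PASSWORD_DEFAULT)];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $body = json_decode(file_get_contents('php://input'), true);
    $user = is_array($body) && is_string($body['user'] ?? null) ? $body['user'] : '';
    $pass = is_array($body) && is_string($body['password'] ?? null) ? $body['password'] : '';
    if ($user !== $demo['user'] || !password_verify($pass, $demo['hash'])) {
        http_response_code(401);
        exit(json_encode(['loggedIn' => false]));
    }
    session_regenerate_id(true); // fresh id at login prevents session fixation
    $_SESSION['user'] = $user;
}
// GET, or a successful POST: report whose session the cookie identifies.
echo json_encode(['loggedIn' => isset($_SESSION['user']), 'user' => $_SESSION['user'] ?? null]);
```

On the Angular side, every HttpClient call to the backend has to pass `{ withCredentials: true }` in its options; without it the browser neither sends the cookie nor stores the one the backend sets.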
1

The best approach to combine frontend and backend is with the API. In your backend you must create an API (REST) that does all operations. The frontend calls this API, gets the result and updates the view. This is also the best approach because it divides the frontend from the backend, so you change your technologies in your frontend and it works in the same way.

Doflamingo19
  • 1,591
  • 4
  • 12
  • 32