Reputation: 37
Check if Sailjs backend is getting a legit req from the frontend without any authentication system
I do not want my users to authenticate. But I do not anyone to steal my data. So my goal is to only serve the people who make a req from the front end of the app. How can I do this ?
Is there a built in function that I'm missing ? I know that there are session id generated, but not sure how to incorporate the session id to this situation.
Thanks
Upvotes: 0
Views: 58
Answers (1)
Reputation: 5979
By using the term "front end" I would assume that you have a client requesting data in the form of JSON/XML or HTML templates. My first suggestion to get your answer is to be much more descriptive in your question. It is very hard to answer without knowing how your client is designed.
Assuming your client is written in html/js and run in a browser then I would suggest that you serve a static file (in the form of a .js file or a <script></script> tag inside an html file) that generates a token. You can pass this token back to your server for validation on every request for data. This means that only your app (front-end) can be the only thing that requests data from your api (back-end).
Upvotes: 1
Related Questions
- How to use http-auth with Sails
- Sailsjs login API
- Call REST API in Sails js
- Why can anyone PUT/POST/GET to any user without authentication in sails.js blueprint rest api?
- Sails.js API passport.js authentication
- Authentication as a Sails hook
- Sails.js: How to properly handle request parameters/queries to backend?
- Sails REST API with simple AUTH
- Using SailsJS as RESTFul Backend application
- Sails.js REST Api Validation