Severus
Reputation: 71
Offline authentication flow in Progressive web app
What is the best approach for authentication flow in PWA when its offline. I am using OIDC client js for online authentication flow.
Upvotes: 2
Views: 908
Answers (1)
Gary Archer
Reputation: 29263
The Authorization Server sits alongside your APIs so I would treat both the same:
- If the device is offline you cannot call your APIs so you have to use data that is cached locally - such as that for the last rendered view
- If the device is offline you also cannot perform user authentication or token refresh operations
Nothing about OIDC behaviour would change - you just need a design pattern for API access, which does not really depend on the technology you are using:
- MyView uses a MyApiClient
- When online, MyApiClient initiates OAuth related calls if there is no token yet, then adds a token to the Authorization header and calls MyApi
- When offline, MyApiClient looks in a local cache instead and displays cached data if it can, while also informing the user they are offline
Upvotes: 2
Related Questions
- PWA offline login, it's possible?
- Progressive Web App: How to detect and handle when connection is up again
- How to handle authentication when user is offline using Angular PWA?
- PWA Offline auth
- How to start using a progressive web app from login page when offline
- Firebase Auth - progressive web app (polymer) offline mode
- User authentication in offline web apps
- HTML5 offline authentication security issues
- authenticate user on offline mode
- Authentication of user for offline app