You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
currently I can not see who I am after being logged in. This is IMHO a generic requirement of any app.
currently there seems no way to log out
I personally want to ask if we should do the authentication by the backend. What if I want to use the REST API without the client? You might have arguments against this point and I am open for discussion. The authentication scheme is provided by the backend. So shouldnt the backend be fully responsible then? If we change or extend the authentication (e.g. add TFA via TOTP or switch to FIDO2) shoud we always change the client? What if we have multiple clients (angular, Android, iOS, etc.)? Should be be forced to change all of them? Or would it be better to have a design where only the backend is in charge of controling the login process?
The text was updated successfully, but these errors were encountered:
The text was updated successfully, but these errors were encountered: