SPAs are often tied to a RESTful API for a good reason: when your data makes sense, your experience makes sense.

Tokens are given to your users after they present some hard credentials, typically a username and password, but they could also provide API keys or even tokens from another service.

Stormpath’s API Key Authentication Feature is an example of this.

SPAs tend to have many faces: the logged-in view, the logged-out view, or the restricted view. Your users are all getting the same app, but they may not have the same levels of access.

You’ll find yourself building access control logic for your front end and your back end.

Thankfully, we’ve wrapped up all the best-practice decisions into some libraries you can use: the Stormpath AngularJS SDK to solve your AngularJS authentication challenges, and its back-end pair, Express-Stormpath.

Single page apps make a lot of sense for customer-centric applications that handle a lot of user data.

There are some details that matter if you want to achieve this nirvana while maintaining security in the browser.

We’ll get to that in the “Tokens Love Cookies” section. Since we’re talking about SPAs, we’re talking about web browsers, and we all know how many holes there are when it comes to securing data in a web browser.

