12 Feb 2022
I was lately asked to explain the distinction between frontend and backend user authentication ( as an interview question ). I couldn't think of anything to say in response to his query. He inquired if the authentication you see on the web is done at the frontend or the backend, and I replied that it is done at the backend. Then he asked, "What is frontend authentication?" I was stumped. I looked it up on the internet, but couldn't discover an accurate distinction between what is performed on the frontend and what is performed on the backend. What are the uses, where are they used, and why are they utilized?
Frontend authentication is like using middleware or Web Guard to protect the pages which need authentication like profile page & dashboard, you can handle this by saving Cookies or localStorage & creating service files and it should use Tokens came from the backend when the user signup or sign in and refresh the tokens using specific endpoint to keep the user authenticated on both frontend and backend.
A unique cookie is provided to the browser when a user is authorised on the backend, according to my understanding. This is referred to as frontend authentication since it permits users to continue to use a website without having to check in to each individual page. For each future call, the website identifies the user based on the cookie data, subject to any constraints set in place.
A cookie that holds the login and password is a basic example, but it is obviously not particularly safe. Encryption, SSL, and different flags (secure, http-only, expiry-date, and so on) would be used in more advanced approaches.
Anyway it is a big and diverse topic.. you can read more about Authentication Mechanisms for HTTP
I hope this was helpful!
© 2023 Copyrights reserved for web-brackets.com