We must be able to cache the authentication status of the logged in user. Otherwise, with every page refresh, the user will have go through the login routine. We need to update AuthService so that it persists the auth status.
There are three main ways to store data:
- cookie
- localStorage
- sessionStorage
Cookies should not be used to store secure data, because they can be sniffed or stolen by bad actors. In addition, cookies can store 4 KB of data and can be set to expire.
localStorage and sessionStorage are similar to each other. They are protected and isolated browser-side stores that allow for storing larger amounts of data for your application. You can't set an expiration date-time on either stores. ...