Handling the login authentication
In this section, you will learn about how to use Spring Security for login-based authentication based on the following authentication process related to the Angular app and Spring app running on different servers:
- The user visits the login page which is part of Angular app. The login page is delivered from the Angular app. Token is grabbed from the server and sent back to the client, and the server expects the same token in each subsequent requests. This token will be added to the header of the subsequent login request submission.
- On submission of login form details such as username and password, an appropriate Spring Web API such as
/account/login
is invoked through the HTTP servicePOST
method. The following code represents the Angular code for the login. Pay attention to how the HTTP service is used to invoke Spring RESTful login APIs. Make a note of thewithCredentials: true
option being set as part ofRequestOptions
. TheXMLHttpRequest.withCredentials...