You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current authentication relies on explicit login action and route guards. This is undesirable in many ways
Bad UX: force many extra clicks: login button, login, navigate to desired page
It is not possible to redirect to protected pages as they cannot exchange code for token
Unreliable handling of token expiration (nothing will happen on frontend)
Guards are generally not desirable for this, it is much more user-friendly to handle login explicitly on pages.
For a MVP, I propose just unconditionally requiring login on all pages. Later we can refine this to support some pages without auth or pages visible both with and without.
The text was updated successfully, but these errors were encountered:
Current authentication relies on explicit login action and route guards. This is undesirable in many ways
Bad UX: force many extra clicks: login button, login, navigate to desired page
It is not possible to redirect to protected pages as they cannot exchange code for token
Unreliable handling of token expiration (nothing will happen on frontend)
Guards are generally not desirable for this, it is much more user-friendly to handle login explicitly on pages.
For a MVP, I propose just unconditionally requiring login on all pages. Later we can refine this to support some pages without auth or pages visible both with and without.
The text was updated successfully, but these errors were encountered: