Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Full-Stack Web Development with GraphQL and React

You're reading from   Full-Stack Web Development with GraphQL and React Taking React from frontend to full-stack with GraphQL and Apollo

Arrow left icon
Product type Paperback
Published in Feb 2022
Publisher Packt
ISBN-13 9781801077880
Length 472 pages
Edition 2nd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Sebastian Grebe Sebastian Grebe
Author Profile Icon Sebastian Grebe
Sebastian Grebe
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Building the Stack
2. Chapter 1: Preparing Your Development Environment FREE CHAPTER 3. Chapter 2: Setting Up GraphQL with Express.js 4. Chapter 3: Connecting to the Database 5. Section 2: Building the Application
6. Chapter 4: Hooking Apollo into React 7. Chapter 5: Reusable React Components and React Hooks 8. Chapter 6: Authentication with Apollo and React 9. Chapter 7: Handling Image Uploads 10. Chapter 8: Routing in React 11. Chapter 9: Implementing Server-Side Rendering 12. Chapter 10: Real-Time Subscriptions 13. Chapter 11: Writing Tests for React and Node.js 14. Section 3: Preparing for Deployment
15. Chapter 12: Continuous Deployment with CircleCI and AWS 16. Other Books You May Enjoy

Authentication with SSR

You should have noticed that we have removed most of the authentication logic from the server-side React code. The reason for this is that localStorage cannot be transmitted to the server on the initial loading of a page, which is the only case where SSR can be used at all. This leads to the problem that we cannot render the correct route because we cannot verify whether a user is logged in. The authentication has to be transitioned to cookies, which are sent with every request.

It is important to understand that cookies also introduce some security issues. We will continue to use the regular HTTP authorization header for the GraphQL API that we have written. If we use cookies for the GraphQL API, we will expose our application to potential cross-site request forgery (CSRF) attacks. The frontend code continues to send all GraphQL requests with the HTTP authorization header.

We will only use the cookies to verify the authentication status of a user and...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image