Everyone loves Frameworks but there are good software stacks that follow design patterns and there are ones that labour away in your browser.
The whole idea of RESTful design is that the client has an independent life. But RESTful design coupled with intelligent clients that are now possible to write with Javascript frameworks (so we now have two separate software stacks talking through the TCP-IP stack - do we see a pattern here?) so stuff that gets transmitted to the client is designed for that client only, so we craft a software "one fit only" key so that the server can know which client it is talking to - this "state" is preserved in a cookie.
That is what happens when you log in. Your authentication token is added to the package of information providing a secure network. Is this new? Not at all. Why do we not do it all the time? We do, it is called SSL. It provides a "standard" - a measurable way of doing something with an agreed visual clue. Is it secure? Yes.
No comments:
Post a Comment