Message from JavaScript discussions

September 2020

— Why we should use only POST method for login API requests ?

[ Asked in an interview ]


2. How to avoid the following conflict.

Whenever we logged in,we will get a JWT from backend.

And if we shared the token to our friend,and if out friend stored the token in local storage even he can access the same session as ours.

How to resolve this conflict ?

— No idea, actually

— I switched to get recently

— How do i make page transitions without using libraries ?

— Understand how the libraries do it internally, then implement it yourself

— Any suggestions for library?

— What are u using, vanilla js?

— To hide sensitive data, like password, imo API should use only POSTs and response status should always be 200 OK

Message permanent page

— Https anyway doesn't expose anything other than the domain, even for get requests

— Ye, sure🤤 next applicant!

— That function isn't of good design itself, it should return counts, not values