For my most recent project, I built an app called EduSource that allows parents to crowdsource online educational resources and organize them (check it out on github or live). Think Pinterest for educational resources.

Login getting prompted on the homescreen

One of the bigger challenges I took on was managing sessions with a decoupled frontend/backend. Rails makes sessions pretty easy to handle, IF EVERYTHING IS IN RAILS, but it gets a little more complicated when you use a different system for managing frontend behavior, particularly when interaction between the frontend and backend is asynchronous.

Sadly, I was unable to find a definitive guide that covers all the things you need to know to make this work. Instead, I pulled together a solution based on three different sources:

1. Mike Clark’s overview of the general flow you want to have
2. Kailana Kahawaii’s overview on setting up JSON Web Tokens (JWT) with Rails
3. JMFurlott’s guide on using JavaScript Cookies to store and utilize session data in React

!!CAVEAT!! — This is a beginners solution. I’d guess that this is not the most secure solution. Rather, it’s a moderately secure solution that I hope will be easier to understand for beginners just learning about how to implement secure sessions.

#rails-api #redux #react #user-authentication #sessions