We have a java web application running at work and I suggested to do a PWA (Progressive Web Application) that communicates with some webservices (also written in java), polymer and all the pwa concepts are new to me, but somehow I was able to write the entire application flow and communication within our webservices just fine, but Im facing a problem adding a personal authentication solution at the begging of the aplication, anyone has ever done/heard about polymer and how its possible to add an auth page at the begging of the application flow that comunicates asynchronously to a webservice to know if we must loggin the user or not?
so to resume:
- java web application with sqldatabase on server.
- java REST-full webservices that pull data from web application.
- PWA that needs to log in only if the username & password given as parameters to ws exists and are valid. callback to log user in.
Any help will be really appreciate, thank you guys.
Haven't done it yet, was doing a little research by myself and found that the way to go here its implementing a JWT's (JSON Web Token) on server side and store it on IndexDB to avoid CSRF attacks. Will try it in next days and If I cant will ask there, thank you for your answer.