i’m currently building an authentication module and got a question about something,
I have setup a server with an api and want my users to authenticate to this server
but everything with angular is client side so I was troubled how to set the id without anyone being able to just change it and pretend they’re someone else.
So i thought what if when a user registers on my app I create a random string on my server, hash this string and return it to my app and store it in local storage and on my database.
This way when someone requests I just check if the local string is equal to the database string, and when a user log’s out I empty this string in my db and local storage. and when they try to log in again I just create a new one.
Is this a good idea? maybe this is the normal way to go but couldn’t find a thing on the internet for authenticating without having to pay, since this app wil probably have alot of traffic i’m not willing to pay for every connection to my server.