Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
yusijs12528y@kc1116 you'd use nginx as a load balancer, splitting traffic between x instances of your api. this way, nginx is first point (same domain, so not cors), but it sends some request to server x and some to server y.
-
kc11164338yyea I know that, but if your API is on the same webserver as your core application then you will have to add another instance of that application rather than just an instance of the API, how can I make cookies survive CORS request
-
yusijs12528y@kc1116 I think you can define a cors setting for it with Access-Control-Allow-Credentials on the server, and configure your ajax calls to send authentication. I've done it at work and I'm certain it's possible. at work was with nodejs and angularjs
-
kc11164338yOkay will check it out thanks, have been trying to do this but with AngularJS and Golang back end
Question: Does using cookies for user session handling hinder the scalability of your backend because all the API's have to live on the same domain. Basically if one API starts to get a lot of request and you want to add another server to off balance the load you would have to add an entire webserver rather than just a small micro webserver with the API running on it mainly because cookies are used to authenticate user request and cookies don't survive CORS request. Am I right or don't know what the hell i'm talking about lol need some opinions I suggested we make all API's micro services and use JWT for user sessions
undefined
api jr developer cors cookies jwt