I am using Facebooks javascript SDK, and I am able to login and do everything with it.
For backend I just have a simple rest api with database behind.
This is the call that gives me the status at the moment: http://ift.tt/1m1d46x.
Question is, when login and status checking are done on my front end side, how does my backend know which user is logged in?
Yes I can just send the username to my REST endpoint, but since users can manipulate the ajax calls, this is quite unsafe. How should I be doing this in real world?
Aucun commentaire:
Enregistrer un commentaire