I followed the SPA React Quickstart and the subsequent API directions.
Here is what is working:
Authentication to ‘/’ is working. I can get to the protected ‘/profile’ route as well on the same login.
When I go to protected route ‘/users’, which makes a fetch to an API route on my express server, I have to re-authenticate. Once done, it successfully responds with appropriate data from my controller + dbase.
I’m fairly new to authentication, do I need to use cookies to stay logged in, or should the JWT be sufficient per the SPA / API walkthrough?
Would code be useful?
Thank you!