Meteor: Using Flow Router for authentication and permissions
Satya van Heummen
16730

This is an interesting idea but it has some problems in my opinion.

Firstly, routing information is public anyways, so the argument that routing information is somehow secured by going the redirect route is false.

One problem I see with this approach is multi-window behavior. Logging in and out of one window doesn’t do the right things in the other windows and this could lead to some serious issues if you are depending on the redirect logic to be the only thing guarding private pages.

Template and layout based authentication forces you to think about your user state as you render which solves that problem.

Like what you read? Give Karim Fatehi a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.