Angular uses client side rendering. This means we need to retrieve state in to the DOM on each page load. Things like the username, account ID, and email are all currently fetched through the /session/validate endpoint. This is not ideal as the Single Page Application must wait for this API call to resolve. Not to mention it creates log spam.
Instead we should follow the advice of http://maffrigby.com/maintaining-session-info-in-angularjs-when-you-refresh-the-page/ to make certain items persistent and avoid making this API call. Note that these persistent cookies must be accessible from JavaScript and will act as a simple storage mechanism for session data. None of this data will be trusted by the server and session validity will be implicitly verified upon other API requests.
Angular uses client side rendering. This means we need to retrieve state in to the DOM on each page load. Things like the username, account ID, and email are all currently fetched through the
/session/validateendpoint. This is not ideal as the Single Page Application must wait for this API call to resolve. Not to mention it creates log spam.Instead we should follow the advice of http://maffrigby.com/maintaining-session-info-in-angularjs-when-you-refresh-the-page/ to make certain items persistent and avoid making this API call. Note that these persistent cookies must be accessible from JavaScript and will act as a simple storage mechanism for session data. None of this data will be trusted by the server and session validity will be implicitly verified upon other API requests.