Fork me on GitHub

so a few days back I posted a question, asking how to create 'protected routes', that will not be accessible for users, if they're not logged in. In my case, I'm using JWT token, that I store in local storage + re-frame db. I also wanted it to be a sort of clean solution - not hacky basically. I couldn't find any solutions on web and after fiddling around for quite some time, I got it working by creating an interceptor for it. I was thinking about writing up a little blog post on this. but first I thought I'd check on here, how useful do people think it would be?


Local storage is considered insecure by many because of xss


Is it bad to use a subscription inside of an event? If yes, why?


That's fair


it sounds like there’s an inject-sub interceptor that allows you to do what you want tho


I see that. Would passing the result of the subscription to the event not work just as well?


I guess another option is jsut to access it in the db directly


@petr My (somewhat shallow) understanding is that there’s a risk of memory leaks if you grab a subscription value directly inside an event handler, and the inject-sub mechanism avoids that. If you’re just grabbing a value inside the app-db, though, it’s a lot simpler to grab it directly. You can use prefix functions if you’re concerned about changing paths inside the app-db at some point in the future.