I now have a project that puts userId in localStorage when logging in at the front end.
then every time you call the interface, you always find userId, from localStorage and send a request.
then there is an isLoginCheck interface that only detects whether a user is logged in to the session, but not which user is logged in.
so after the current side logs in, isLoginCheck returns true.
then use localStorage.setItem ("userId", 89);
just change the userId in localStorage to see the contents of other people"s accounts without knowing their passwords.
is it necessary to check the request every time the frontend sends a request? the userId of the request is the same as the userId in the backend session.
is there a way to configure a file once and for all?