General question regarding authentication and authorization for HTTP requests between front- and backend
0
This might be an easy question: I tried setting up a very simple webapp with Angular 7 and Django, writing some Python methods to handle data and visualizing results in Angular frontend. As my requests failed with unauthorisized I started to read about Authentication and Authorization for HTTP requests but the more I read the more I'm drifting away from the big picture. So my wquestions are: Can I enable an user to make HTTP requests to the backend without and login? Would it be possible to secure these requests? When I only allow users to to HTTP requests after any login, how do I do the first registration? Is the correct way: 1) user logs in 2) an authorization token is provided 3) the token is parsed to every request the user does after login ? Thanks for helping me understanding the basic ...