This is my first attempt at coming up with new architecture on my own so I am not sure if I am even going to word this question correctly
I have used Spring MVC in an application that used controllers that returned ModelAndView objects with their responses. I am now wanting to try to write a Single Page Application using KendoUI on the front end, but still want to take advantage of Springs Security functionality.
I am getting confused around the fact that I can create the SPA with KendoUI and use the Kendo Router functionality so will not need the Spring MVC functionality of returning views. I really will need to serve up ta login page, then after authentication, serve up the home SPA page, then I plan to have the kendoUI code retrieve its data by hitting an external API and using the kendo Routers. I guess I need MVC because I do have those two different views to serve, but is Spring MVC overkill here?
Does this make sense as an architecture?
Browser Client request for my application url --> hit Spring MVC application and serve up login page --> user logs in --> authentication with spring --> serve KendoUI home page --> kendoUI functionality takes over from here to use routers to select client side pages, which will use http requests to load data from separate api.
I definitely want to use a Rest API back end for the data. I am just having a hard time finding an example of a kendo spa example that shows integration with Spring, so say, a user first goes to the site, I haven't seen any kendo routers checking for if the user is authenticated. So, trying to figure out how to do the part of
user goes to www.myweburl.com
on server side, I do spring authentication
is it here that I say, user is not authorized, send login page view
do I do spring authentication on server side and just pass back the auth failure info and determine in kendo router that i need to route to login page.
I can't seem to find an code examples for this type of thing.
From what I've seen in my career so far, even with single page applications the login page is separate. That way you don't send all your client logic to any unauthorized user. Once user is logged in, the user is sent to the single page application which has all the functionality. So IMO you should go with the first approach instead of Kendo showing a login page. But that's just my opinion on the matter
Thanks for your time Ankit! I am thinking that your advice is the way to go after asking others and more reading online.
I have been working on only back end code for the last two years, and am realizing now how much has changed on the front end in two years!