Karl Eule

How to signup users?

First, lets build a form:

Naive approach

Uh, thats not so nice. It uses get, but we want to post. Lets fix that.

Post

Uhm, that does a post. No infos leaked to the browser bar. But we still need to handle the post. So let's create an action.

Create an action

Uh, yeah. Not it works. We have the input data on our server. But how about security. Let's check if everbody could post to the route.

Use sessions.

Our post is not secured. Everybody could post to it, using a http client (e.g. Paw on MacOs, Postman, ...). Let's try to fix that with sessions.

Ok that gives us cookies. But everbody can still post to the route. Let's fix that. CSRF tokens to the rescue?

Let's add csrf token habdling from remix-utils