Removal of "remember me" and setCache implementations

[phenrique7]

I never had to implement a "remember me" behavior in a SPA project. Actually, I never implemented this, be it a SPA or a monolith project, and to be honest, I didn't even know how this behavior worked. I had an intuition that this behavior was useful to prevent the user from logging in again, and as in SPA projects the authentication information (token) is stored in localStorage, this already solved this issue/behavior. To confirm my intuition about it and, in fact, to know how this behavior worked and if it could perhaps be applied in a SPA architecture, I went to do a quick research about its functioning.

When researching the behavior of a "remind me" feature, I discovered that this is a feature aimed at applications based on authentication by cookies (session-based auth), which in itself already excludes SPA's architecture, as it doesn't keep any state of the server and its use is oriented to API-based applications, which are by definition statelessness. This confirms my intuition described in the first paragraph and shows me that I was right. If you think about it, in SPA applications we already maintain (persist) a "remember me" behavior implicitly, as we always store the authetication token and check its existence at localStorage. Therefore, explicitly adding this to the template does not make sense, since it is outside the context of the application architecture (SPA-based) and it would also be a redundancy, thinking in terms of behavior.

That reinforces my view commented on in the PR that implements this and also points to the factor that our source of truth for the authentication token must be the localStorage and not in-memory cache. That is, if the user has a (valid) token, take it to the post-authentication home page. This should be true even when refreshing (authenticated) pages or even when closing or opening the navigation browser, which is not the case with the in-memory cache strategy implemented.

So, for these reasons, I find that "remember me" and setCache API implementations unnecessary for our template application architecture.

[diogomqbm]

Nice! I thought it should be a useful feature to our template to add a "remember me" condition but since you already explained why it doesn't make sense in a SPA, I agree to remove this.

This should be true even when refreshing (authenticated) pages or even when closing or opening the navigation browser, which is not the case with the in-memory cache strategy implemented.

Just to be clear, the way it's implemented right now the cache does take localStorage into consideration so it is true even when refreshing authenticated pages which is the case right now. But since it doesn't make sense to have this cache implemented, I'm going to remove it and only use localStorage.

[diogomqbm]

Already opened #11 that closes this discussion

[phenrique7]

I also want to point out that I am not against the implementation of the "cache". Actually, I liked the idea and would do something very similar, but with different nomenclature, since it wouldn't really be a "cache". I think we can use this discussion to improve this implementation, and not completely remove it.

[diogomqbm]

For sure! I was thinking about having this implementation for a different context. I removed it because it wasn't necessary at the moment but I definitely agree that we should implement something similar because I like the idea too.