I have a Chrome Highlighter extension that I need to connect and sync it's data (user details, highlights and articles) both TO and FROM a Ruby on Rails app.
The API need to be properly built and secured. I read that the JWT token need to be stored inside an httpOnly cookie? Probably, you know better about this, so please make suggestion(s).
1. Authentication: - If the user is logged in, fetch his credentials and display his email/username on main.html (popup) - If the user not logged in, whenever he tries to click “Save bookmark” or tries to highlight, he will be redirected to the login page on Rails app 2. Highlights, Articles & Folders: Sync these both FROM and TO the Rails app - If the user highlight or save the articles from the extension, these will be saved to the Rails app - If the user reinstalled the extension, or install it on the different computer/browser, all his data will be synced from the Rails app to this newly installed extension - The synced Folders need to be rendered correctly based on the positions & orders from Rails app
