您已经找到问题的答案.那是自定义身份验证提供程序.您可以将令牌保留在前端应用程序存储中，并对其进行身份验证.登录时，您应该通过请求后端应用创建令牌，然后将其保存在令牌存储中.然后，您只需要对令牌进行身份验证(请参阅身份验证提供程序的示例).

You've already found the answer on your question. That's custom authentication provider. You can keep the tokens in your frontend app storage, and just authenticate them. On login, you should create the token via request to backend app, save it in your token storage and that's all. Then you only need to authenticate the token (just see an example of auth provider).

关于在前端应用程序中保留用户数据，这取决于您.您不必保留任何数据，因此，如果您想显示一些详细信息(即用户名等)，则也必须存储该详细信息(或在每个请求中都进行检索，但这会影响性能).至少您可以为此使用缓存.

Regarding keeping user data in your frontend app, it's up to you. You don't have to keep any data, therefore if you'd like to show some details (i.e. user name and so on) you have to store that details too (or retrieve it each request - but that will impact the performance). At least you can use caching for that.

所以可能的方法是:

1. 在登录时(使用登录表单或其他方式)，只需在登录处理程序中对用户进行身份验证(按照

1. On login(with login form or elsewhere), just authenticate user in login handler (create your own auth provider as described there - don't worry about Symfony 2, security component is almost the same - there are some incompatibilities, but the direction is correct). After successful authentication, store token in your frontend storage (also you can store some user details you need like name and so on).
2. On each request, authenticate the user using the token that's kept in your frontend app storage (that's another auth provider) - you don't need to send request to your backend app.