您如何确定地检测用户是否在浏览器中按下了后退按钮?

如何使用#URL系统在单页web应用程序中强制使用页面内返回按钮?

为什么浏览器的后退按钮不触发它们自己的事件!?

在使用Angular、Ember、React等框架构建SPA风格的应用程序时，人们认为哪些是认证和会话管理的最佳实践?我能想到处理这个问题的几种方法。

Treat it no differently than authentication with a regular web application assuming the API and and UI have the same origin domain. This would likely involve having a session cookie, server side session storage and probably some session API endpoint that the authenticated web UI can hit to get current user information to help with personalization or possibly even determining roles/abilities on the client side. The server would still enforce rules protecting access to data of course, the UI would just use this information to customize the experience. Treat it like any third-party client using a public API and authenticate with some sort of token system similar to OAuth. This token mechanism would used by the client UI to authenticate each and every request made to the server API.

我不是这方面的专家，但第一条似乎对绝大多数情况来说已经完全足够了，但我真的很想听到一些更有经验的意见。