is it safe to make your login is via ajax? because i can see my authentication via devtool's network

You should only do logins via HTTPS.

You can see your login details in dev tools but it's only sending what you typed in.

It's not any less secure doing it via ajax, you can see the credentials in dev tools even if sent without it. Like @topvillas said though, you should always use HTTPS.

so you mean its fine to expose the user credentials in dev tools?.... In https://forum.vuejs.org/ ,,,, i tried to test its login form then submit and checked out my dev tools, it doesnt show any email or password requests and i like that way but when i tested out mine it displays :( please check this url to view more --> https://forum.vuejs.org/t/how-to-prevent-displaying-my-login-credentials-to-my-dev-tools/11766

I don't get what you mean with 'expose the user credentials in dev tools'.

The only person with access to those dev tools is you, seeing as you are looking at them. So the only person actually seeing those credentials in dev tools, is the person looking at the browser. This is the same person who actually typed those credentials in the browser. Which is still: you.

So surely, there isn't an issue here? Yes, you can see your username and password in your browser, but isn't that information you already know?

And like Jared said, it's not because of AJAX that you can see them in your dev tools. Even if you'd send them by regular POST request, you can still see them in your dev tools if you capture the request. Only because there usually follows a redirect to a regular GET route, you won't usually see them. But, that's just because you're not looking hard enough.

If you're worried about hackers intercepting your web traffic and seeing your plain text password being sent across the internet, than get your login form to work via HTTPS as was already stated. This way, even if your request gets hacked, they still can't see what you sent.