Authorization with JWT token?
I am developing an API in which I implemented authorization through JWT and attached a TODO list, but how do I make it so that, when certain links are requested, the system says you need to log in before viewing tasks, etc.? How do I store a token and check it with each request?
The point of JWT is not to store the token.
The JWT needs to be decoded and turned into a "session". More precisely, find out the user who is hiding behind the token.
After that, work as with normal authorization through a session.
If there is no session - the user is not authorized, do not let him do anything.
If there is a session - access is open.
I found the solution, more precisely figured out what was wrong with the check function. Now everything works and everyone is happy!
As was said correctly, it is not necessary to store the token; it is parsed by the function. The main thing is to return the correct value and then operate on the data callback.
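var validate = (req, token, callback) => {
  // token is the already-decoded JWT payload; look up the user it names
  User.findOne({ _id: token.id }, function (err, user) {
    // Pass lookup errors to the callback instead of throwing inside async code
    if (err) {
      return callback(err, false);
    }
    // No such user: the token is not valid for any account
    if (!user) {
      return callback(null, false, user);
    }
    // User found: mark the request as authenticated and expose the user as credentials
    return callback(null, true, user);
  });
};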
request.auth.credentials._id (Or any values stuffed into the token)
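The per-request check both answers describe, written out as an added example (not code from either answer). It assumes an HS256 token sent in an `Authorization: Bearer` header; `SECRET`, `USERS`, `sign`, `verify` and `authenticate` are hypothetical names, and the user store is a constructed in-memory map standing in for `User.findOne`.

```javascript
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: HS256 shared secret, demo value
const USERS = new Map([['42', { _id: '42', name: 'alice' }]]); // constructed user store

const b64url = (v) => Buffer.from(v).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Issue a token at login; the server keeps no copy of it.
function sign(payload) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${mac(`${head}.${body}`).toString('base64url')}`;
}

// Return the decoded claims, or null if the token is malformed, forged or expired.
function verify(token, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const given = Buffer.from(sig, 'base64url');
  const expected = mac(`${head}.${body}`);
  // Constant-time comparison of the signature before trusting any field.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    // Pin the algorithm: the token header must not choose how it is verified.
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null;
    const claims = JSON.parse(Buffer.from(body, 'base64url'));
    if (typeof claims.exp !== 'number' || claims.exp <= now) return null;
    return claims;
  } catch {
    return null;
  }
}

// Per-request check: 401 unless the token verifies and names a known user.
function authenticate(headers) {
  const m = /^Bearer (\S+)$/.exec(headers.authorization || '');
  const claims = m && verify(m[1]);
  const user = claims && USERS.get(String(claims.id));
  return user ? { status: 200, user } : { status: 401, user: null };
}
```

Protected routes call `authenticate(req.headers)` first and return the 401 as-is; only on 200 do they read the user, which plays the role of `request.auth.credentials` above.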