Answer the question
In order to leave comments, you need to log in
A
A
Andrey Okhotnikov2020-02-04 09:55:19
Andrey Okhotnikov, 2020-02-04 09:55:19
Express token authorization?
How to get user data correctly?
I authorize the user, encrypt his id into a token and send it to the front, store the token in localstorage at the front and send it to headers when requesting back.
The question is what to do when the token comes to the back? I decrypt it, get the user id, then just get data by id, or do I need some other checks?
2 answer(s)
@tsepen
Maximum checks are needed when receiving a request (for example, to protect against bots / scrapers)
And if you don’t care how the user uses the service on the front (with his own custom client or something) and how often the server will pull, then no more checks.
You made sure that the id / password are correct, so give him what he wants
S
Shohruh Shaimardonov, 2020-02-04 @tsepen
Are there any other checks needed?
Maximum checks are needed when receiving a request (for example, to protect against bots / scrapers)
And if you don’t care how the user uses the service on the front (with his own custom client or something) and how often the server will pull, then no more checks.
You made sure that the id / password are correct, so give him what he wants
Similar questions
V
S
K
X
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question