JSON Web Token
fecowab972, 2022-02-08 13:19:25

How to make a Middleware for JWT Authentication?

The problem is that in all the guides, they simply decode the token and check for validity. But the problem remains that one token has access to everything. For example, DELETE:username. I, using one token, can delete any user, because there is no :username parameter check and no username stigma.

I don’t know how to implement the middleware, because I use different parameters in different endpoints and groups (not only :username), and in some I also need to check the glue username with a JSON field.

Maybe I'm tricky and you need to remove the parameters, and send the data from the stigma with the username further along the equations.


1 answer(s)
gelerum, 2022-02-08
@gelerum

Divide into several middleware. First check the token and extract the username, then pass this username to the parameter check, then to json, etc.
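
The layering described in the answer, as an added example that is not part of the original thread: one step authenticates the token and stores the username, and later steps compare that username with the path parameter and with a JSON body field. The dict-based request, the names `authenticate`, `must_match_user` and `chain`, the `sub` claim carrying the username, and the HS256 key are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed sample key, not a real secret

def _b64d(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def _b64e(b): return base64.urlsafe_b64encode(b).rstrip(b"=").decode()
def _sign(msg): return hmac.new(SECRET, msg.encode(), hashlib.sha256).digest()

def make_token(username, ttl=300):  # constructed stand-in for a login endpoint
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps({"sub": username, "exp": int(time.time()) + ttl}).encode())
    return f"{head}.{body}.{_b64e(_sign(head + '.' + body))}"

def authenticate(req):
    """Step 1: verify signature, alg and expiry, then store the username."""
    try:
        token = req["headers"]["Authorization"].split(" ", 1)[1]
        head, body, sig = token.split(".")
        if not hmac.compare_digest(_sign(head + "." + body), _b64d(sig)):
            return 401
        claims = json.loads(_b64d(body))
        if json.loads(_b64d(head))["alg"] != "HS256" or claims["exp"] < time.time():
            return 401
        req["user"] = claims["sub"]  # later steps trust only this value
    except (KeyError, IndexError, TypeError, ValueError, AttributeError):
        return 401

def must_match_user(source, key):
    """Steps 2 and 3: req[source][key] ('params' or 'json') must be the token's user."""
    def check(req):
        if req[source].get(key) != req["user"]:
            return 403
    return check

def chain(*steps, handler):
    """Run steps in order; the first one that returns a status stops the request."""
    def endpoint(req):
        for step in steps:
            status = step(req)
            if status:
                return status
        return handler(req)
    return endpoint

# Each endpoint lists only the ownership checks it needs.
delete_user = chain(authenticate, must_match_user("params", "username"), handler=lambda r: 204)
update_user = chain(authenticate, must_match_user("params", "username"),
                    must_match_user("json", "username"), handler=lambda r: 200)
```
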
