Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
F
F
fecowab9722022-02-08 13:19:25
JSON Web Token
fecowab972, 2022-02-08 13:19:25

How to make a Middleware for JWT Authentication?

The problem is that in all the guides, they simply decode the token and check for validity. But the problem remains that one token has access to everything. For example, DELETE:username. I, using one token, can delete any user, because there is no :username parameter check and no username stigma.

I don’t know how to implement middleware, because I use different parameters in different endpoints and groups (not only :username), and in some I also need to check the glue username with json. field

Maybe I'm tricky and you need to remove the parameters, and send the data from the stigma with the username further along the equations.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
G
gelerum, 2022-02-08
@gelerum

Divide into several middleware. First check the token and extract the username, then pass this username to the parameter check, then to json, etc.

Similar questions
V
Vimana2018-10-20 15:24:48
How does jwt decode work? 1Reply
G
grabbee2020-09-28 12:35:31
What is the name of the token in Federated Identity? 1Reply
E
Evgeny Zalivadny2022-01-27 19:49:13
Is it safe to store the token in the browser's Session Storage? 1Reply
J
JkLKot2020-10-02 00:54:18
How to setup gin-jwt in golang? 1Reply
L
Lehahabl2022-02-10 17:24:41
How to implement updating access and refresh tokens in next js? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question