Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
lexstile2022-01-04 23:17:26
JSON Web Token
lexstile, 2022-01-04 23:17:26

If the token is valid, is it necessary to check for existence in the user's database?

Do I need to check for the existence of a user in the database when checking a JWT token?
Or does a valid token itself serve as proof of the user's existence?

Example, in payload I store the user id.
Do I need to check for the existence of a user with the specified id in the database?

As I understand it, this is an extra case?
I only came up with the case when they stole SECRET_KEY and created their own JWT with a non-existent id, but why?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2022-01-04
@KingstonKMS

Naturally

Similar questions
S
Seva2017-08-03 13:59:25
DOMDocument and insertbefore? 2Reply
R
rshruslan2019-07-27 21:21:35
How to make authorization in native PHP with Vue (SPA)? 1Reply
V
vith772019-07-30 11:43:01
How to use one JWT token for authentication on different sites? 1Reply
J
jeruthadam2019-08-08 20:25:19
How to make a general authorization for a grid of sites? 2Reply
S
Sergey2019-08-30 11:31:05
What is the cause of the npm error? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question