MongoDB
Mikhailo Poberezhny, 2016-12-14 17:46:33

Node.js bearer token authorization?

Guys, I don't understand the logic of how they work. I use jwt-simple: I created a token from the user's _id (unique) and wrote it to the database, and it is essentially eternal. That is, the user logs in, I give him a token, and the client sends it to me in the header of each request. I check it on the server: if everything is in order I grant access, if not I return an error.
But now I've been given the task of doing it through a bearer token.
1. At the first login, create it for 10 minutes and extend it up to 10 minutes with each request
2. On logout, if it has the all=true parameter, then delete the last token; if false, then delete everything.
And I did not understand the essence of the task: should there be many different tokens for 1 user, or 1 that gets renewed?
Please tell me :)

1 answer(s)
catHD, 2016-12-15
@as_for_me

Start by reading https://jwt.io/
Once you understand what JWT is, you will no longer have the question of whether it should be many different tokens for 1 user, or 1 that gets renewed.
Basically, you're doing almost everything right, except this:

through _id (unique) the user wrote to the database and it is essentially eternal,

The easiest way: refer to https://github.com/auth0/node-jsonwebtoken
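
The task from the question (10-minute lifetime, extended on every request, tokens deleted on logout), as an added example that is not part of the original post or answer and uses neither jwt-simple nor node-jsonwebtoken. It assumes opaque random tokens kept in an in-memory Map, one token per login so a user can hold several; `TokenStore` and its method names are hypothetical.

```javascript
// Added example: TokenStore, issue, authenticate, revoke, revokeAll are hypothetical names.
const crypto = require('crypto');

const TTL_MS = 10 * 60 * 1000; // 10-minute lifetime from the task description

class TokenStore {
  // `now` is injectable so expiry can be exercised without waiting.
  constructor(now = () => Date.now()) {
    this.now = now;
    this.records = new Map(); // sha256(token) -> { userId, expiresAt }
  }

  // Store only a hash so a leaked store does not yield usable tokens.
  static digest(token) {
    return crypto.createHash('sha256').update(token).digest('hex');
  }

  // Called at login: each login gets its own token (assumption of this example).
  issue(userId) {
    const token = crypto.randomBytes(32).toString('hex');
    this.records.set(TokenStore.digest(token), { userId, expiresAt: this.now() + TTL_MS });
    return token;
  }

  // Called on every request with the raw "Authorization" header value.
  // Returns the userId and pushes expiry out another 10 minutes, or null.
  authenticate(header) {
    const match = /^Bearer ([0-9a-f]{64})$/.exec(header || '');
    if (!match) return null;
    const key = TokenStore.digest(match[1]);
    const rec = this.records.get(key);
    if (!rec) return null;
    if (rec.expiresAt <= this.now()) { this.records.delete(key); return null; }
    rec.expiresAt = this.now() + TTL_MS;
    return rec.userId;
  }

  // Logout of one session: delete only the presented token.
  revoke(token) {
    return this.records.delete(TokenStore.digest(token));
  }

  // Logout everywhere: delete every token issued to the user.
  revokeAll(userId) {
    let removed = 0;
    for (const [key, rec] of this.records) {
      if (rec.userId === userId) { this.records.delete(key); removed++; }
    }
    return removed;
  }
}
```

A signed JWT cannot be extended or deleted in place, so a JWT-based version of the same task has to reissue the token on each request and still keep server-side state for logout.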
