Answer the question
In order to leave comments, you need to log in
I
I
IDONTSUDO2019-07-08 13:48:39
IDONTSUDO, 2019-07-08 13:48:39
Nosql mongoDb vulnerability, how to prevent?
I found in mongoDB. Functionality for generating the object Id of the document. And because I need to do microservices. I want to use it for generations, sessions. I can't do this generation through any ODM. If I do it through the native driver, will it lead to a NoSQL vulnerability? And if this leads to a vulnerability, then how to protect the base?
To generate a new ObjectId using ObjectId() a unique hex string:
x = ObjectId()
ObjectId("507f1f77bcf86cd799439011")
1 answer(s)
@IDONTSUDO
R
Robur, 2019-07-08 @IDONTSUDO
If I understand you correctly, then you want to use the ObjectId to generate the session ID.
The first question is why?
Second - than any other ways of generating Id did not please - the same UID
Third - why do you need a session ID at all if you have a JWT - which in itself is a session token? Put all the information you need there, sign it, check the signature when requested, and you will be happy.
Similar questions
V
W
A
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question