Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
beshot2015-11-08 15:20:08
RESTful API
beshot, 2015-11-08 15:20:08

REST authorization, will this method work?

Good day!
A method for authorizing REST requests is considered, the idea is as follows:
the user logs into the application using his credentials and receives a token to access the rest service. The service itself issues tokens. All exchange over normal http. The token is put into the database and contains the expiration time. After that, the token is encrypted before being given to the user. Only the rest service knows how to decrypt this token. After the token arrives at the rest service, it decrypts it and determines all the necessary data for authenticating the rest client. How safe and convenient is it?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
N
Nikita Gushchin, 2015-11-08
@iNikNik

Are you trying to reinvent JWT ?

Report
B
beshot, 2015-11-08
@beshot

Thank you and I would appreciate any comments on the security of such a solution.

Similar questions
A
Andrey Okhotnikov2019-04-15 18:09:57
GraphQl or Rest api for an online store? 3Reply
A
Andrey Troshkov2014-11-26 19:43:26
How to secure connection between client and servers (RESTful API)? 2Reply
J
John Freeman2016-11-24 20:48:05
How to read the response from the service? 2Reply
A
AXCHG2019-04-24 01:58:58
How to accept REST API HTTPS requests? 1Reply
V
Vadim2019-05-06 14:43:42
What is a Mock API Endpoint? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question