- Instead of doing encryption and then decryption on the frontend, you can handle it on the backend.
- A simple and secure way is to pass just the username and password from the frontend.
- Then check that neither value is empty. If either field is empty, return error 402 with an error message.
- If you get both values, first check whether the user exists; if not, return an error.
- If the user exists, create a token on the server side and store it with the user in your users table/document.
- Once the token is stored successfully in the users table/model, return a response with a success message and the token.
- Finally, you can use the token in the frontend.
- You can store the token in localStorage or as a cookie in the frontend.
- Then, in every request that needs to be authenticated, pass the token in a header of that request and verify it on the backend.
- If the token is not valid, simply throw an error message saying that the user is not authenticated.
- Otherwise, grant permission and send the response for the request.
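The backend side of the steps above, as an added example that is not part of the original gist. The in-memory `users` map, the `addUser` helper, the `Authorization: Bearer` header, the 401 status codes and storing only a SHA-256 hash of the token are assumptions made for the illustration.

```javascript
const crypto = require('crypto');

// Constructed in-memory "users table"; a real backend would use its database.
const users = new Map();
const sha256 = (s) => crypto.createHash('sha256').update(s).digest();
const hashPassword = (pw, salt) => crypto.scryptSync(pw, salt, 32);

function addUser(username, password) { // hypothetical helper to seed sample data
  const salt = crypto.randomBytes(16);
  users.set(username, { username, salt, pwHash: hashPassword(password, salt), tokenHash: null });
}

function login(username, password) {
  // Both values must be present; 402 is the status the steps above specify.
  if (!username || !password) return { status: 402, error: 'username and password are required' };
  const user = users.get(username);
  // Same response for an unknown user and a wrong password, so usernames are not revealed.
  const ok = user && crypto.timingSafeEqual(user.pwHash, hashPassword(password, user.salt));
  if (!ok) return { status: 401, error: 'invalid credentials' };
  // The token comes from the server's CSPRNG; only its hash is stored with the user record,
  // so a leaked users table does not hand out usable tokens.
  const token = crypto.randomBytes(32).toString('hex');
  user.tokenHash = sha256(token);
  return { status: 200, message: 'login successful', token };
}

function authenticate(headers) {
  // Expects "Authorization: Bearer <token>" (header name and scheme are assumptions).
  const match = /^Bearer ([0-9a-f]{64})$/.exec(headers.authorization || '');
  if (!match) return { status: 401, error: 'user is not authenticated' };
  const presented = sha256(match[1]);
  for (const user of users.values()) {
    if (user.tokenHash && crypto.timingSafeEqual(user.tokenHash, presented)) {
      return { status: 200, username: user.username };
    }
  }
  return { status: 401, error: 'user is not authenticated' };
}

addUser('alice', 'correct horse battery staple'); // constructed sample account
const session = login('alice', 'correct horse battery staple');
console.log(login('alice', '').status, login('bob', 'x').status, session.status);
console.log(authenticate({ authorization: `Bearer ${session.token}` }));
console.log(authenticate({ authorization: 'Bearer ' + '0'.repeat(64) }));
```

Because each login overwrites the stored hash, a new login invalidates the previous token for that user.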
Created
March 7, 2022 07:24
Securing Request response with security implementation - Use of Tokens