Home > Back-end >  Jwt - Is there a difference in storing the token or the userId on client?
Jwt - Is there a difference in storing the token or the userId on client?

Time:11-10

I have a token that I sent to my backend where I verify it (jwt). Is there any difference in sending back the token itself or the userId I created on the backend to the client to store ?

I need specificaly the userId in my client only once. The jwt /or userId I need otherwise to authenticate user (if I get back token user is authenticated). However for this it doesnt matter if I get back the token or userId as userId is only being created once a jwt is issued on backend.

CodePudding user response:

The token is used to authenticate a client. The userid does not give direct access to the client as the JWT would.

CodePudding user response:

Usually you need jwt for authentication, so client needs to store jwt and send it with requests.

In your case sending the jwt back to client is redundant (as you just received it from client). Sending userId is totally fine, but your question doesn't describe why you need it

CodePudding user response:

Token based authentication is more secure compared to using userid based authentication, as it protects against MITM attacks. As every request will use token for authentication.

Page link:https//www.codepudding.com/Backend/605497.html

Prev:Winston never writing to log file if script crashes
Next:How to return a group by query via Django REST API?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding