Home > Blockchain >  Why store email-verification-token/secret-code in database and not array? NodeJs, Express, Typescrip
Why store email-verification-token/secret-code in database and not array? NodeJs, Express, Typescrip

Time:09-28

I'm building an application with registration and login, so I need to verify the email after registration. After creating the user I want to send an activation mail with a jwt in get request. After successfully confirming the email and token is not expired the user is logged in.

My question is why, shouldn't I store the jwt local in an array and on the verification request check if the token is valid and afterwards delete it from the array and set user registration status true?

Do I get any benefits if i store the token in a certain table in the database and also delete it after successful verification? Or shouldn't I delete it at all?

CodePudding user response:

 const token = jwt.sign(
      {
        email: loadedUser.email,
        userId: loadedUser._id.toString(),
      },
      "somesupersecretkey",
      { expiresIn: "1h" }
    );
    res.status(200).json({ token: token, userId: loadedUser._id.toString() });

No need to store the token in a certain table in the database and you can also set its timeout after successful verification...

  • Related