Excuse me the Api request token stored in the database that the user introduced to token so you know is that when users to come in the incoming token is the method of encryption and decryption in the refresh token?

CodePudding user response:

User login, service generated token returned to the user

CodePudding user response:

Every time the user requests, with the token can, as to decrypt the encrypted, users don't need to pipe here, their processing line service

CodePudding user response:

If you do not verify forged a token can modify your database contents were no need to worry about what you said? ,,,,,,,,,,,,,,,,

CodePudding user response:

Why is stored in the database? If your server or server cluster, if it is missing the "not landed" session information, related to any client should log back in, to apply for the session authentication,

CodePudding user response:

"Database" is a backup the persistence of place, that is a huge number of garbage on demand loading data, any a professional research and development of commercial systems server engineer, should be on the set of business architecture and high-speed cache object, also is the place where the low efficiency of backup,

CodePudding user response:

Also is the place where the low efficiency of backup, & gt; Rather than is the place that the low efficiency of backup, only "from the database" is the root cause of inefficient service system bottlenecks,