Jabaa

Reputation: 1753

API authentication using JWT for web and mobile client

Here is what I am planning to do to keep separate tokens for web and mobile:

1. When a user logs in from the web, a JWT token is issued and stored in a DB table with a created timestamp. The same step is repeated for the mobile client, so the table contains separate tokens for each client.

2. At validation time, search for the token in the table, and if it exists, then try to verify it with JWT.verify.

Is this the right method for keeping separate logins using JWT?

Upvotes: 0

Views: 300

Answers (1)

Sergey Yarotskiy

Reputation: 4804

Maybe there are other ways to do it, but your approach is totally correct. In fact, I would recommend doing it exactly your way. What you are doing is scoping the issued token to a specific service or platform. It is useful not only for your use case, but also when you have multiple APIs. You can issue different tokens for each service separately.

Upvotes: 1
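The two steps from the question, with the per-client scoping the answer describes, as an added example that is not code from either poster. It assumes an in-memory `Map` in place of the DB table, HS256 signing done with Node's built-in `crypto` rather than a JWT library's `verify`, and hypothetical names (`issueToken`, `validateToken`, `revokeClient`, the `client` claim).

```javascript
// Added example: HS256 JWTs built with Node's crypto module only.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret';   // constructed value, not a real key
const tokenTable = new Map();               // stands in for the DB table: token -> row

const b64url = (v) => Buffer.from(v).toString('base64url');
const sign = (data) => crypto.createHmac('sha256', SECRET).update(data).digest('base64url');

// Step 1: issue one token per client type and store it with a created timestamp.
function issueToken(userId, client, ttlSeconds = 3600, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify(
    { sub: userId, client, iat, exp: iat + ttlSeconds, jti: crypto.randomUUID() }));
  const token = `${header}.${payload}.${sign(`${header}.${payload}`)}`;
  tokenTable.set(token, { userId, client, createdAt: now });
  return token;
}

// Step 2: look the token up in the table first, then verify signature,
// expiry and that the token was issued for the client presenting it.
function validateToken(token, expectedClient, now = Date.now()) {
  if (!tokenTable.has(token)) return { ok: false, reason: 'not in table' };
  const [header, payload, sig] = token.split('.');
  const expected = Buffer.from(sign(`${header}.${payload}`));
  const given = Buffer.from(sig || '');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
  if (claims.exp * 1000 <= now) return { ok: false, reason: 'expired' };
  if (claims.client !== expectedClient) return { ok: false, reason: 'wrong client' };
  return { ok: true, claims };
}

// Logging out one client deletes only that client's rows for the user,
// so the other client's token keeps working.
function revokeClient(userId, client) {
  for (const [token, row] of tokenTable) {
    if (row.userId === userId && row.client === client) tokenTable.delete(token);
  }
}
```

The table lookup is what makes per-client logout possible: a signed, unexpired token is still rejected once its row is gone.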
