Company logo
  • Jobs
  • Bootcamp
  • About Us
  • For professionals
    • Home
    • Jobs
    • Courses
    • Questions
    • Teachers
    • Bootcamp
  • For business
    • Home
    • Our process
    • Plans
    • Assessments
    • Payroll
    • Blog
    • Sales
    • Calculator

0

108
Views
Nextjs and user access token authentication

I am creating an rest-api with nextjs that will be with interacting with mobile application and web application. and my question is it a bad practice to the following as authentication without checking sessions. mysql scheme.

Table users.

ID USERID EMAIL NAME CREATEDAT

TABLE ACCESS TOKEN

ID USERID ACCESSTOKEN EXPIRATIONDATE IP LASTSIGNIN

User Create an account with https post request and creates a row at users table Also create a row with ip and access token with expiration date of the token.

Access token is save at the as cookie in users webbrowser

and with every visit on pages that require log in or a post request that token is matched with access token and ip is match with ip in access token tab

in case of difference in ip or token expired the users will be signed out immediately.

7 months ago ยท Juan Pablo Isaza
Answer question
Find remote jobs