Having different auth for app and api
Answered
American Crocodile posted this in #help-forum
American CrocodileOP
I have an app that have a dashboard to see data, and an api receive data from some tools . I did the auth with
Is it a good way to do something like having two auth ? and do you have tips to do it ? (don't find any online)
next-auth for the dashboard app, but needs to implement it for the api. I would like to have the tool to only give me a token that never change to identify. (btw this is in the same server, request only going in a docker environment, no problem for the security) Is it a good way to do something like having two auth ? and do you have tips to do it ? (don't find any online)
Answered by B33fb0n3
you can just add a api key inside a (for example)
api_keys-table. You add this api key to a user and give this api key also permissions. Then you can check, while requesting your api, the token and either allow the action or deny the action3 Replies
@American Crocodile I have an app that have a dashboard to see data, and an api receive data from some tools . I did the auth with `next-auth` for the dashboard app, but needs to implement it for the api. I would like to have the tool to only give me a token that never change to identify. (btw this is in the same server, request only going in a docker environment, no problem for the security)
Is it a good way to do something like having two auth ? and do you have tips to do it ? (don't find any online)
you can just add a api key inside a (for example)
api_keys-table. You add this api key to a user and give this api key also permissions. Then you can check, while requesting your api, the token and either allow the action or deny the actionAnswer
American CrocodileOP
I just got chatgpt that told me that. Didn't think like that. Thanks :)
happy to help