API endpoints protected with cookies & JWT
Answered
Barbary Lion posted this in #help-forum
Barbary LionOP
How can I protect my next.js api endpoints using cookies (jwt is stored in http-only cookie) for the next.js app and jwt's for my react-native expo app?
Answered by B33fb0n3
Yea, you can directly check if there is a token present inside the request and if there is any token, check if the token is allowed to do the specific action
2 Replies
Barbary LionOP
A solution for routes I've found and considered is:
const token = req.cookies.jwtToken || req.headers.jwtToken || req.query.jwtToken;
if (!token) {
return res.status(401).json({ message: "Unauthorized" });
}@Barbary Lion A solution for routes I've found and considered is:
const token = req.cookies.jwtToken || req.headers.jwtToken || req.query.jwtToken;
if (!token) {
return res.status(401).json({ message: "Unauthorized" });
}
Yea, you can directly check if there is a token present inside the request and if there is any token, check if the token is allowed to do the specific action
Answer