Home dotnet programming I'm setting up a web API on ASP.NET Core 2.0 with an already existing user table. What's the best way to pass the current user from the client to the web API?

I'm setting up a web API on ASP.NET Core 2.0 with an already existing user table. What's the best way to pass the current user from the client to the web API?

I'm using JWT tokens to secure the API itself. But after I pass the token to the web API, I need to know which user is making the requests so I can apply the correct permissions and what not.

I thought of two different things:

When I authenticate the user name and password, save the generated token to the DB with the ID of the user. This will allow me to join the token table onto the user table when requests are made to the API.
When the token is passed to the client, also pass the user ID and require the user ID in the body of further requests.

I have no idea if either way is ideal or if there's a better way. So any assistance would be greatly appreciated.

I'm setting up a web API on ASP.NET Core 2.0 with an already existing user table. What's the best way to pass the current user from the client to the web API? Click here

Pages

Reviews of gaming gadgets including keyboards, mouse and gaming PC

I'm setting up a web API on ASP.NET Core 2.0 with an already existing user table. What's the best way to pass the current user from the client to the web API?

Related Post

0 comments:

Post a Comment