User's requests authorization

For user's authorization we use token string generated in authentication.

Token is passed to api with Bearer header: Authorization: Bearer ${token}.

To handle bearer header and retrieve auth user with passportJs we have TokenServiceAuthStrategy. It retrieves auth user from token-service by token. If auth user not found or token expired - 401 status will be send in response. If user found - it will be saved to auth-context.

During authentication services generates string tokens and save them with auth users using token-service. Token later used for user's authorization

Authorization

User's requests authorization

results matching ""

No results matching ""