0

Can somebody tell me about the general logic how to users only GET the data of their own only.

I'm doing making Rest-API with node.js+express+mysql. I already created CRUD operation with simple authentication. But I still vague about the logic, how the rest-api knows about the id of users that already login in app.

Please tell me the logic in GET but only the users already login can see their own data.

  • Users = id(pk), name(varchar)
  • data = id(pk), users_id(fk), description (varchar)

users can have multiple data. Thanks a lot

Improve this question
1
  • 1
    I would suggest finding a basic tutorial in authentication and authorization. If you already have authentication done you should know who is doing what inside a request. This isn’t something that can be answered succinctly here. Commented Jan 13, 2019 at 13:58

1 Answer 1

Reset to default
1

You can save userID or any other unique property(any type of a key) to recognize users in your local storage(in the browser). When you make a request you can retrieve the userID or key and send it along with the REST call to the back end, So when the request reach the server it will contain the userID or Key that will allow you to query the database and retrieve the relevant data.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Is this the best way? how about using jwt? noted: I trying to connect mobile app to this api
@infounikpintar yes you can use JWT. you can keep the key in localstorage and pass it through the REST call through Authorization headers and you can decode or check the key in the backend. you can generate the jwt using he username and any other combination and when you decode it you can extract the username from the token.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.