I've built an API in express and would only like to accept requests from my own app. For example, using Postman or direct calls in the browser URL should be rejected.How can I do this? Is this a cookie thing and I need to store the sessions another way? Or perhaps CSRF tokens? Not really sure how to achieve this. Any help greatly appreciated! Nice one.
Submitted April 24, 2016 at 12:19PM by owenr88
No comments:
Post a Comment