Hi guys,I've made an API seed from which I want to start every hobby project for myself.I would really like your advice on the setup in general, middleware that I forgot or should add, ...At this moment only basic CRUD of a simple TODO is present. But it should be the same logic for every other entity.I'm handling authentication with JWT tokens and would especially like your advice on a good way to determine whether or not a user can access the app (CRUD of todo).I could write a function that extracts and decodes the JWT token from the "Authentication" header and apply it on the level of the resolvers. But then I should implement it everywhere manually. Or I could do something like this ?I would like the latter but than I should add something like koa-jwt. But I would rather write my own middleware. Tried that already, but didn't work out. So tips are welcome on that as well.Also advice or tips on docker are welcome, because it is dockerized.You can find the code here.Thanks in advance,Bert
Submitted September 30, 2020 at 07:12PM by bertv96
No comments:
Post a Comment