WAASUL
CC#
Created by Lounder on 12/22/2024 in #help
What are your thoughts on my application flow? Diagrams attached
Yeah I'm doing a similar thing. It took me weeks to create a solution.
56 replies
No worries. Glad to help.
It's really up to you. I would suggest doing some research on it first. If you do decide to go with that approach, then implement it very early in the process.
That way you save space.
Instead of blacklisting all members' ids, you can blacklist the team id.
In theory, you could. But you will have to store information about the teams in the JWT.
Also just one last point. If the cache service is not available, don't allow bypassing. Just a last barrier.
No worries.
Exactly.
The first one is the key and the second one is the datetime in UTC.
I just store it like this: {"blkusr:userid", "datetime in utc"}
By storing the user id, you will save space and it will make everything easier.
All of a sudden you will need to store all jti.
What if the user is authenticated on multiple devices?
What is a JTI?
@Lounder (Please @ on Reply) You don't want to do that. The token is very long. It will take unnecessary space.
Just make sure you are using a distributed cache. You cannot rely on an in memory cache.
@Lounder (Please @ on Reply) You could blacklist their token. Every token has an issued at property. In theory, if a member is no longer part of a team, you can blacklist their id with a timestamp. During authorization, check if the user id is present in the cache. If so, compare the issued at from the token against the timestamp from the cache. If the token was issued after the timestamp mentioned in the cache, it means the token is newer.
It would be nice if you can avoid doing that every time. Maybe by implementing some sort of caching mechanism.
@Lounder (Please @ on Reply) If it's done by accessing data from an access token, make sure that it still applies, since tokens are mostly static.