Menu
In general what is the best way to authenticate the access token in interceptors, If the access token information is stored in HashMap for each and every user, the hashmap grows as the number of users increases. If we query database for every api request, it increases load on database. Please mention if there are any other techniques you know. And also what other things I need to consider while authenticating the access token for every request. What are the pre-processing and post-processing steps while authenticating access token.
Thanks in Advance.
913
Check out Json Web tokens. Using them allows your server to become stateless (not saving any sessions on memory). Its concept is to pass a digital signed token, for every request, and checking that the signature is correct for integrity. Json Web Encryption also can encrypt sensitive data along the token (such as user id).
This makes it very easy to work on a distributed environment
Check out this website: https://jwt.io/. There are some implementations in java and plenty of code examples to start with.
131
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
