✅ How does server fetch information from the correct user?
Title says it all.
i have a asp.net and have implemented all the api endpoints and all that. and up to this point i have just gave the users their ID in the DB and they required to give that ID back to get the information they want. but now im thinking this is not very secure way of doing it.
i have set up authorization and whenever a user wants to fetch a user specific info then i check the given token to the token that is stored in the user info. if it matches then i'd return the requested stuff.
is there a more elegant/secure way of handling this?
i have a asp.net and have implemented all the api endpoints and all that. and up to this point i have just gave the users their ID in the DB and they required to give that ID back to get the information they want. but now im thinking this is not very secure way of doing it.
i have set up authorization and whenever a user wants to fetch a user specific info then i check the given token to the token that is stored in the user info. if it matches then i'd return the requested stuff.
is there a more elegant/secure way of handling this?
