@SpaghettiRealm
That’s basically authentication đŸ˜‚
@michimansi
How to invalidate the token, if it get public
@Pathfindersdomain
So, when a user visits the website, all you need is their email to sign in, they then get an email with a link with the token in and then use that link/token to navigate the rest of the site as a valid User. This negates the need for a password, as the user email is the 'two factor authentication'. However if someone gains access to the users email, then the user will already be compromised. So you only need to protect your email with a strong enough password to be secure. How long should the token last, before a new link/token is required?
@LeHumster
Isnt this more authorization rather than authentication? What are we authenticating against in this example, for example. Lets say im developing a social media app that needs users to register, login, access their user profile page, we would probably need some custom logic to ensure its the correct user so the JWT access token isnt a security risk, right? Also would ensure only the correct user can access their profile.
@AB-yn2rz
I didn't get the update preferences part? So it's just the preferences sent in a get request along with token that uniquely identifies the email?
@jengkhaw15
I think that’s some sort of authentication
@_MohammadZobairHossain
What's the name of vs code theme you are using?
@johnpagley