Prevent `access` and `refresh` tokens from being added to the user `store` #196

Monstarrrr · 2024-06-17T20:15:00Z

Problem

Currently the tokens are being added to the store because we update the store with the payload data from the API response which contains the tokens as the tokens aren't sent through the Authorization header when login in.

Solution

A. Create a new object that doesn't contain them and send that to the user store instead
B. Ensure tokens are always sent through the Authorization header

I'll go with option B, even though always sending tokens through Authorization header ensures consistency for the project, this header cannot take in multiple tokens (access and refresh), so we'd need to create custom headers, which I believe is not an option provided by Djoser out of the box.

The text was updated successfully, but these errors were encountered:

Monstarrrr added the [ frontend / label Jun 17, 2024

Monstarrrr self-assigned this Jun 17, 2024

Monstarrrr added feature Functionality or significant enhancement for the project security Security-related tasks and concerns bug Something isn't working and removed feature Functionality or significant enhancement for the project bug Something isn't working labels Jun 21, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Prevent `access` and `refresh` tokens from being added to the user `store` #196

Prevent `access` and `refresh` tokens from being added to the user `store` #196

Monstarrrr commented Jun 17, 2024

Prevent access and refresh tokens from being added to the user store #196

Prevent access and refresh tokens from being added to the user store #196

Comments

Monstarrrr commented Jun 17, 2024

Problem

Solution

Prevent `access` and `refresh` tokens from being added to the user `store` #196

Prevent `access` and `refresh` tokens from being added to the user `store` #196