express-jwt icon indicating copy to clipboard operation
express-jwt copied to clipboard
verified publisher icon auth0

Updated index.js

Open sohamdodia opened this issue 8 years ago • 1 comments

Added extra security layer. UserId needs to be passed as id in headers along with the token in order to verify the request comes from the same source. Decoded jwt token is matched against userid which is passed in headers to make sure that if the jwt token intercepted by some third party it must not be able to use the token to manipulate other users data.

sohamdodia avatar Sep 25 '17 08:09 sohamdodia

Whoops! didn't mean to resurrect an ancient PR, sorry!

fbartho avatar May 02 '22 17:05 fbartho