You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If I understand the code correctly in JwtAuthenticationTokenFilter, on every request for data from the api, a database call is made to build the UserDetails, based on username. Would it not be better create the UserDetails based on the claims as parsed from the JWT?
Cheers,
Jim
The text was updated successfully, but these errors were encountered:
You're right. You're solution would also work and make the database calls unnecessary. In other scenarios it could be necessary to load more information than it is present in the token. Because this is just a demo I leave it as it is, but I mention your comment in the code.
If I understand the code correctly in
JwtAuthenticationTokenFilter
, on every request for data from the api, a database call is made to build the UserDetails, based on username. Would it not be better create the UserDetails based on the claims as parsed from the JWT?Cheers,
Jim
The text was updated successfully, but these errors were encountered: