Check Token
Leandro Santiago Gomes edited this page Jan 30, 2023 · 1 revision
As a user
I want to authenticate the request
To grant access to other resources
In all routes that require authentication, the access token must be sent in the header's "Authorization" property. This request will then initially pass through a middleware that verifies whether or not the request is authenticated.
If the request is authorized, it proceeds as requested. Otherwise, it is blocked and a 401 (Unauthorized) status is returned.
```mermaid
graph TD
  r400([400 - Bad Request])
  r401([401 - Unauthorized])
  r204([204 - No content])
  s((start))
  -->|User| s01[Request to logout]
  -->|API| s02[Check if request is valid]
  --> q01{is valid?}
  q01 -->|no| r400
  q01 -->|yes| q01y[Verify "accessToken"]
  --> q02{is valid?}
  q02 -->|no| r401
  q02 -->|yes| q02y[Find "userAuth" to "accessToken"]
  --> q03{is found?}
  q03 -->|no| r401
  q03 -->|yes| q03y[Check if "userAuth" is active]
  --> q04{is active?}
  q04 -->|no| r401
  q04 -->|yes| q04y[Remove "userAuth"] --> r204
```
```typescript
interface Request {
  method: 'POST'
  headers: {
    authorization: `Bearer ${string}`
  }
}

interface Response {
  status: 204
}
```
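The authentication check described above (parse the "Authorization" header, verify the "accessToken", find its "userAuth", check that it is active) can be sketched as follows. This is an added example, not the project's own code: `checkToken`, `AuthDeps`, the `UserAuth` fields and the sample tokens are assumptions, and `verifyToken` stands in for whatever signature and expiry validation the API really uses.

```typescript
// Added example: every name here is hypothetical, not taken from the project.
type UserAuth = { userId: string; active: boolean };

interface AuthDeps {
  // Assumption: true only when the token's signature and expiry are valid.
  verifyToken(token: string): boolean;
  // Assumption: returns the stored "userAuth" record bound to this token.
  findUserAuth(token: string): UserAuth | undefined;
}

type AuthResult =
  | { ok: true; userAuth: UserAuth }
  | { ok: false; status: 401; reason: string };

// RFC 6750 bearer syntax: case-insensitive scheme, then exactly one b64token.
const BEARER = /^Bearer +([A-Za-z0-9\-._~+\/]+=*)$/i;

function checkToken(
  headers: { authorization?: string | undefined },
  deps: AuthDeps,
): AuthResult {
  // "reason" is for server-side logs only; the client should see just the 401.
  const deny = (reason: string): AuthResult => ({ ok: false, status: 401, reason });

  const match = BEARER.exec(headers.authorization ?? "");
  if (!match) return deny("missing or malformed Authorization header");
  const token = match[1];

  if (!deps.verifyToken(token)) return deny("invalid accessToken");

  const userAuth = deps.findUserAuth(token);
  if (!userAuth) return deny("no userAuth for accessToken");
  if (!userAuth.active) return deny("userAuth is not active");

  return { ok: true, userAuth }; // the request proceeds to the route handler
}

// Constructed sample data so the example runs offline.
const sessions = new Map<string, UserAuth>([
  ["tok.active", { userId: "u1", active: true }],
  ["tok.revoked", { userId: "u2", active: false }],
]);
const demoDeps: AuthDeps = {
  verifyToken: (t) => t.startsWith("tok."), // stand-in for a real signature check
  findUserAuth: (t) => sessions.get(t),
};
```

Every failure path returns the same 401, so a caller cannot tell from the response whether a token was malformed, unknown or deactivated.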