warden-jwt_auth icon indicating copy to clipboard operation
warden-jwt_auth copied to clipboard

Published 20 hours ago verified publisher icon waiting-for-dev

Decoding User when fetched from another service

Open toomanyjoes opened this issue 4 years ago • 1 comments

Will this library work for the use case when the service that uses this library doesn't have access to the users table directly? For example if the JWT is authenticated could find_for_authentication be overwritten to make a call to another service from which the User data is fetched to set on warden?

My understanding of warden may be a little lacking but from what I understand it doesn't care much about the session and is happy with just a user id for session information.

Thanks!

toomanyjoes avatar Jun 08 '21 22:06 toomanyjoes

Hi @toomanyjoes ,

you end up defining jwt_subject at the user instance level, and that's what you will get as the sub payload when you decode a token. So, if you can use it to fetch your User then, yes, you can override find_for_jwt_authentication to perform the call.

waiting-for-dev avatar Jun 09 '21 02:06 waiting-for-dev