Signup gautam #6
Conversation
|
Good work @gautam-bhagat! Your work is under review. We will get back shortly. |
|
@gautam-bhagat We generate JWT token on user login, which you havent incorporated. Please include it, and also, there's no need to generate JWT on signup |
|
@sikehish The JWT token is generated on signup and stored! |
There was a problem hiding this comment.
Hey @gautam-bhagat,
Generating and storing JWT tokens during the signup process and saving them for future use in a database is not a common or recommended approach, as it can introduce security risks if not handled correctly. JWT tokens are usually generated each time a user logs into an app and are used to authenticate and authorize the user for subsequent requests.
TLDR; JWT tokens are not generated during the signup process but are generated and tied to the user's session after a successful login.
So,
- Could you please move the generation of the JWT token to the login endpoint?
This would involve moving the code that generates the JWT token to the login endpoint and changing the table's structure to remove the token attribute. - Also, you are not using the environment variable you've defined in the .env file
Once you do that, we can merge your PR since the remaining code is well-written.
Hey,
The issue #3
The endpoint for signup is completed!!
It consists Email Validation : where it doesn't allow the user to use invalid mail
It also has unique email feature i.e : one email can be used for only one email
Password Encryption : The password are stored in encrypted manner
JWT : JSON web token is also implemented for API calls
Regards,
Gautam B.