Search code examples
node.jsloopbackjsstrongloop

Permanent token on loopback

I am building an app using Loopback API that will be consumed by an iPhone APP. There is a connection to a MySQL database where I run some queries to get some results and expose on the API.

  1. The endpoints contain an ACL that will allow only authenticated users to perform any operation, including the GET ones. So basically the requests need to be done using the ?access_token query string.
  2. I want to set a token that can be saved on the MySQL database and can be used "forever" on the API.

I am not sure if I am asking the right question but if this is not the way to solve this problem, what would it be?

My main point is that I need the requests to be authenticated with a token but I don't want to lose this token once it's set.

Any help is appreciated. Thanks!

Solution

  • You can pass the ttl in the credential json sent by you iOS app, in this example the token will live for 60sec, just use a high value for make a token "permanent":

    POST /Users/login  
{
"email":"user@email.com",
"password":"12345689",
"ttl": 60000
}

    Or create a before remote method to change the ttl propertie, check this article:

    LINK