Bearer Token
- What else should web socket support in your opinion?
- Ability to generate API tokens for regular users is a pretty common practice. Not sure why that's a concern.
- Maybe the Bearer token, since mobile does not handle cookies in a straightforward way like the browser, but like I said maybe I'm more dumb than i think.
- That's strange to me, since the "normal" user would never know what to do with a "token". Maybe it is popular in Russia.
Anton, the Bearer token lifetime,
only ends on the defined date? I wanna use it in my react native app upon generated once, per client. It should works?
Bearer token is not something you can pass from a web app. And you can definitely set up a mobile app to use cookies without any problems. We used to have fully native mobile apps that do that.
How is Russia related to anything? We're not based in Russia, if that's what you're implying. And it's not something specific to a country. All big tech companies, like Google, Microsoft, Facebook etc, allow regular users to generate keys and tokens for various services and apps. And I'm sure it's a very common practice in your local tech companies as well.
why Bearer token is not something you can pass from a web app ?
You are right about 2.
How do you pass it from a web app? Please provide an example.
There is some reason socket only supports cookie? I mean, it's about security concerns?
Another question, what is the lifetime of an session in the backend? ( with persistence and no persistence )
and the last one, why a normal user ( not admin ) has the ability to issue "Tokens" to me, it does not make much sense, or I missing something.
I would be very thankful if you can answer this questions. Thanks a lot for this amazing tool and sorry for these dumb questions, but I need this to understand better