Best practices for securing NodeJS API created with Swagger
Question
I have created an API with NodeJS and Swagger that works well, but anybody can call it and I want to restrict it to the users that have a valid API Key. Are there any best practices that I need to use for securing the API? Just adding the api key in the request? Generating a token and adding it to the request header?
1 answers
solution1
0 ACCPTED 2017-01-23 03:03:48
That makes oauth is born. Look at https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Securing Nodejs express API
NodeJS best practices with Promises
Swagger API Documentation in NodeJS
NodeJs best practices for scheduled process?
NodeJS best practices for catching errors
Nodejs Code Reusing Best Practices
nodejs mongo prototype best practices
Securing NodeJS RESTful API and React client app
Securing a nodejs / sailsjs API with OAuth2
securing a REST api for nodejs/express/passport
Related Tags