Authentication and Authorization
auth/auth.go
file.
EdDSA
for enhanced security.user_id
in the tokens
table.HTTP
, the tokens are sent in the authorization
header as Bearer
tokens.gRPC
, the tokens are sent in the metadata
as authorization
tokens.auth/auth.go
file.
CheckUserAttr
function:authorization
header or the metadata
.
Then, in the service layer, validate the token and check the access: