Manually check is user is valid (crsf token + time + user id)

Jean-Baptiste

Jean-Baptiste

Well-known member
Hello,

How can I manually check that the user doing something is allowed to do that ? (I don't understand how does XenForo check if user id + request time + crsf token are valid).

Regards.
 
Any ideas ?

In fact, I would like to do that because I'm using pure javascript server side so the methods like "getUserId" or "isModerator" are not available.
 
You must log in or register to reply here.

Similar threads

K
Possible security issue: API Login Token always allows permanent login
Replies
0
Views
410
Kirby
K
C
  • Question Question
plugin sso handle with jwt
Replies
0
Views
308
control1390
C
spk100
Change email status to invalid for bounced addresses
Replies
8
Views
414
TPerry
TPerry
GameNet
  • Suggestion Suggestion
Manage API Access Tokens section in account settings
Replies
7
Views
843
GameNet
GameNet
grantus
  • Solved
XF 2.1 Best way to delete previous record?
Replies
6
Views
350
grantus
grantus
Top Bottom