Skip to content
Announcing the Appwrite X MongoDB partnership
Start building
Back

Verify Integrity Before Deleting User

  • 0
  • Self Hosted
  • Functions
  • Web
View on Discord
Collin
27 Mar, 2024, 20:15

I am working on a Function with the NodeJS SDK that allows the users to delete their account. But I am wanting to find a good approach to verifying the integrity of the request is being made by that user and not someone doing so maliciously. The client side sdk is the web sdk and I am using React Native to build the mobile app. Some approaches I have looked into and tried to implement was the user passing their user id and session id over HTTPS and the server checking to see if that session exists and if the user exists inside that session, but the NodeSDK doesn't seem to be able to do this because I get general_unauthorized_scope and (role: applications) missing scope (account) as an error. Just looking for the best approach to implement this safely. Thanks!

TL;DR
Developers are seeking a secure method to verify user integrity before allowing account deletion. They are working with a NodeJS SDK and considering using JWT tokens for verification. Initially tried passing user ID and session ID but encountered authorization errors. The NodeSDK was unable to perform the check due to missing scopes. A safer approach is needed for implementation.
Evdog
27 Mar, 2024, 20:44

JWT token would likely be ideal here I believe

Collin
27 Mar, 2024, 20:51

Okay so I can create the JWT and send it over to my NodeJS SDK. Would the verification be something similar to this example?

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more