[Realm Auth] Validate if user is authenticated from server-side (PHP)

How to validate if user is authenticated at the server side, like PHP?

From the front end we could send all data needed, like userId, authId, providerId/providerType, accessToken, refreshToken, but how to check on server side that the user is authenticated?

Tried to find an API here but no success https://docs.mongodb.com/realm/admin/api/v3

A real-world use case: I tried to use Realm Functions to upload large images (10Mb) but given its 30s input timeout Realm functions 30s input timeout I had to resort to a web server to handle the uploads, so now I better validate if the user is authenticated before proceeding with the upload and MongoDb update. Otherwise my API will just allow anyone with a leaked AuthId to upload anytime, anywhere.

Thanks!

Hey Andre - this thread will provide more context, but tldr - this feature has been prioritized for near-term work: Verify Access Token server side

Thanks. Will keep an eye into that.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.