Backend security

Website Community Blog

Search…

Welcome

Guides

SDK

API

Use cases

FAQ

Backend security

More advanced backend security could also be achieved with access_token from hivesigner. You can make sure only user you want can access certain content, this way you don't have to add your own security layer just utilize what Hivesigner already provides you.
Below simple code makes sure that access_token is indeed signed by user. And checks to makes sure keys matches perfectly.
    const message = JSON.stringify({
                signed_message: signedMessage,
                authors: tokenObj.authors,
                timestamp: tokenObj.timestamp,
        })
    let hash = cryptoUtils.sha256(message)
    ...
    account[type].key_auths.forEach((key: string[]) => {
        if (
           !validSignature
           && PublicKey.fromString(key[0]).verify(hash, Signature.fromString(signature))
        ) {
              validSignature = true;
          }
    });
This combined with Imagehoster verification is perfect combination of security you can get in your app to serve user specific pages like drafts, bookmarks, images, etc.
​

Use cases - Previous

Imagehoster

Next - Use cases

Last modified 1yr ago

Export as PDF

Copy link

​