How to validate JWT tokens on Angular Frontend? [closed]

Please help me! I have a study project. There is a Frontend based on Angular 17 and a Backend based on Django Rest Framework. The user should be able to login through a third party API (like Google login). In my code, when a user on Frontend clicks the “log in via API” button, I redirect him to the Backend, then to a third-party service, he logs in there and the backend receives a response from the third-party service that everything is OK. Then on the Backend I create 2 JWT tokens and send them in the query string of a GET request to the Frontend. Frontend catches this request and authorizes the user, but it DOES NOT CHECK the tokens that they were issued by the backend and that they are correct, but only stores them in the user’s browser. That is, if I make the same request directly from the browser but with a fake secret in the token, then the user is still authorized! The question is - how to fix this? How to check tokens to ensure that they are not fake and were sent by the backend?

ChatGPT and Google a lot
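
Added example, not part of the original question or the asker's project: a browser client cannot check an HMAC-signed token without holding the signing secret, so authenticity is verified on the backend for every request that carries the token. The sketch below assumes HS256 tokens and uses only the Python standard library; the secret, claims, clock value and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-secret"  # assumption: signing key that never leaves the backend
NOW = 1_700_000_000                  # constructed fixed clock for the sample tokens

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(signing_input: str, secret: bytes) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def sign(claims: dict, secret: bytes) -> str:
    """Issue an HS256 token, as the backend does after the third-party login."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(mac(f'{head}.{body}', secret))}"

def verify(token: str, secret: bytes, now=None):
    """Return the claims if the token is authentic and unexpired, else None."""
    try:
        head, body, sig = token.split(".")
        # Pin the algorithm; never let the token pick it (rejects "alg": "none").
        if json.loads(b64url_decode(head)).get("alg") != "HS256":
            return None
        # Constant-time comparison of the recomputed MAC with the presented one.
        if not hmac.compare_digest(mac(f"{head}.{body}", secret), b64url_decode(sig)):
            return None
        claims = json.loads(b64url_decode(body))
        exp = claims.get("exp")
    except (ValueError, TypeError, AttributeError):
        return None
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= current:
        return None
    return claims

GOOD = sign({"sub": "user-1", "exp": NOW + 300}, SECRET)            # issued by the backend
FORGED = sign({"sub": "user-1", "exp": NOW + 300}, b"fake-secret")  # signed with a wrong key
```

Here `verify(FORGED, SECRET, now=NOW)` returns `None`, while `GOOD` yields its claims. The Angular app only stores and forwards the token, and the API rejects any request whose token fails this check.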
