In our new API we are using JWT Sessionless Authentication and we are using FluentValidation to validate requests. However one of the validations requires information from an object that has already been saved to the database. In previous cases we used OAuth2 session to store such data so that we can access it and validate against it.
How can we approach this issue and is there a way to store such data for validation when using JWT?
Not exactly sure what you mean, if you just want to include extra info in the JWT Token you can use CreatePayloadFilter and PopulateSessionFilter.
I don't think I explained it too well either. As far as I understand the payload is used to store additional information for the authenticated user.
However we wish to store information for an order that user made and then using that information to validate the order item attributes when an order item update is made using the fluent validation. Do you think the payload can be used for that?
The info needs to be available at the time of Authentication, if it is then you can use
CreatePayloadFilter callback to embed the info in the JWT Token and
PopulateSessionFilter callback to restore it and add it on the Users Session.
If the info isn't available at authentication, then you should use a different Cookie to store this info.
Ok. Thank you for the response.