From your backend codebase you can determine the object of data you want to return to the client.
For example, Twitter uses GraphQL, and if you want to request a particular object/data of a user, it will never return the user's password because it has been removed from the column you can play with.
Moreover, when you are authenticating a user, it's better to use client token verification such as JWT (JSON Web Token).
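
The point above about the backend deciding which fields reach the client, shown as an added example that is not part of the original comment and does not use a real GraphQL library. `SCHEMA`, `DB_ROW`, `project` and `tryQuery` are hypothetical names, and the record is constructed sample data.

```javascript
// Server-side field allowlist in the style of a GraphQL schema.
// Fields the API exposes per type. passwordHash exists in storage but not here.
const SCHEMA = {
  User: { id: "scalar", username: "scalar", bio: "scalar", posts: "Post" },
  Post: { id: "scalar", title: "scalar" },
};

// Constructed sample record as it might sit in the database.
const DB_ROW = {
  id: 7,
  username: "alice",
  bio: "hello",
  passwordHash: "constructed-sample-hash",
  resetToken: "constructed-sample-token",
  posts: [{ id: 1, title: "First", draftNotes: "internal" }],
};

// Build the response from the schema and the selection, never from the
// record's own keys. selection: { field: true } or { field: { ...nested } }.
function project(typeName, record, selection) {
  const type = SCHEMA[typeName];
  const out = {};
  for (const [field, sub] of Object.entries(selection)) {
    // Own-property check so "constructor" or "__proto__" cannot match.
    if (!Object.prototype.hasOwnProperty.call(type, field)) {
      throw new Error(`Cannot query field "${field}" on type "${typeName}"`);
    }
    const kind = type[field];
    const value = record[field];
    if (kind === "scalar") {
      out[field] = value ?? null;
    } else if (Array.isArray(value)) {
      out[field] = value.map((item) => project(kind, item, sub));
    } else {
      out[field] = value == null ? null : project(kind, value, sub);
    }
  }
  return out;
}

// Wrap the result in a data/errors envelope like a GraphQL response.
function tryQuery(selection) {
  try {
    return { data: project("User", DB_ROW, selection) };
  } catch (err) {
    return { errors: [err.message] };
  }
}
```

Because the response is assembled from the allowlist, a column added to the table later stays private until someone adds it to `SCHEMA` on purpose.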