0
In an app I need to edit the registration data of a user such as name, email, phone and password (for the optional password, I found this solution).
However this change is made via API. Since it involves data change I need to know how to make this change safely. If it were only on the web I would use current_user which would guarantee me that only the logged-in user would change their own data. But in this case I don’t know how it works.