
This repo contains a NodeJS WEB API application which implements the JWT token access strategy.


mdibenedetto/jwt-authentication


jwt-authentication

JWT Authentication with NodeJS

This is a simple example which explains how to use JWT. It was built following the tutorial at:

https://jwt.io/introduction/

START UP

  • Open a command line inside the project folder
  • RUN npm install
  • RUN node server

TEST

jwt-authentication on Glitch

Test on your machine

  • Download Postman, which helps you make HTTP requests (this is optional, since you can use any other tool or your own client to make the requests)
  • in Postman:
  • you should get an error, since no login has been done yet
  • in Postman:
    • URL: http://localhost:3000/login
    • Method: POST
    • x-www-form-urlencoded: create 2 keys for your body (userName: test, passWord: test-pwd or userName: admin, passWord: admin-pwd)
  • you should get the response
  {
     "message": "test is now logged in.",
     "userType": "Normal",
     "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyTmFtZSI6InRlc3QiLCJpYXQiOjE0OTU2MzgxNDh9.jul0qpw2PIHEkK6VPLQeCcmHW-wEQ9ak9NEZixTDUlM"
   }

The "token" attribute is what you need to use to make your next request

  • in Postman:
    • URL: http://localhost:3000/api/prods
    • Method: GET
    • Headers: create a key "Authorization" with the value Bearer {{token attribute previously retrieved from our login}}, e.g.: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiaWF0IjoxNDk1NjM2NDUxfQ.CrnjTx_v2wFKd0dyQ2xi3Iin2RQ63nJczDdCcjGTr1w
  • you should get the response
   [{
     "title": "prod-1",
     "desc": "prod-desc-1",
     "available": false
   },
   {
     "title": "prod-1",
     "desc": "prod-desc-2",
     "available": true
   }] 

NODEJS BASIC LIBRARIES

  const express = require('express');
  const app = express();

JWT LIBRARIES FOR "EXPRESS"

  const bodyParser = require('body-parser');
  const expressJWT = require('express-jwt');
  const jwt = require('jsonwebtoken');
  const SECRET = 'myAuthationcation test';
  • expressJWT and jwt are the main libraries used to work with JWT
  • First, set the "secret key" to use
  app.use(expressJWT({
      secret: SECRET
  })
  • Secondly, call the method "unless" to set the list of route paths which do not need token validation; in the most common cases this could be "/login"
.unless({
    path: ['/login']
}));
  • In the "/login" route we send the client the token, which needs to be sent in every subsequent request
app.post('/login', function (req, res) {
    // ...
    if (!user) {
        // ...
    } else {
        // Sign a token carrying the user name with the shared secret
        var mmyToken = jwt.sign({
            userName: user.userName
        }, SECRET);
        // Return the token to the client along with the login result
        res.status(200).send({
            message:  `${user.userName} is now logged in.`,
            userType: `${user.isAdmin ? 'Admin' : 'Normal'}`,
            token: mmyToken
        });
    }
    // ...
});
  • This is the basic setup and code you need to use JWT. In a client scenario you save the token in local storage (or use any other client-side storage approach)
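
The sign-and-verify cycle described above, written with Node's built-in crypto module as an added example (not code from this repository). It shows why a token whose payload was altered, or whose header names another algorithm, fails verification. The function names, the `ttlSeconds` parameter and the `exp` claim are assumptions of the example; the tokens shown on this page carry only `userName` and `iat`.

```javascript
// Added example: HS256 sign/verify using only Node's built-in crypto module.
const crypto = require('crypto');

// base64url helpers (JWT uses base64 without padding, with - and _ instead of + and /).
const b64url = (buf) => Buffer.from(buf).toString('base64')
    .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
const fromB64url = (s) => Buffer.from(s.replace(/-/g, '+').replace(/_/g, '/'), 'base64');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Build header.payload.signature, adding iat and exp (seconds since epoch).
// Assumption: the caller loads `secret` from configuration, not from source code.
function signToken(payload, secret, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
    const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
    const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + ttlSeconds }));
    const signingInput = `${header}.${body}`;
    return `${signingInput}.${b64url(hmac(signingInput, secret))}`;
}

// Return the claims if the token is valid, otherwise throw.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
    const parts = String(token).split('.');
    if (parts.length !== 3) throw new Error('malformed token');
    const [header, body, sig] = parts;
    // Pin the algorithm: never let the token's own header choose it.
    const alg = JSON.parse(fromB64url(header).toString('utf8')).alg;
    if (alg !== 'HS256') throw new Error('unexpected alg');
    const expected = hmac(`${header}.${body}`, secret);
    const given = fromB64url(sig);
    // Constant-time comparison; lengths must match before timingSafeEqual.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
        throw new Error('bad signature');
    }
    const claims = JSON.parse(fromB64url(body).toString('utf8'));
    if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
    return claims;
}

// True when verification throws, false when the token is accepted.
function isRejected(token, secret, now) {
    try { verifyToken(token, secret, now); return false; } catch (e) { return true; }
}
```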
