jwt token
// Import the module
import jwt from "jsonwebtoken";
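// You will need a SECRET KEY to create the token. Anyone who knows this key can
// forge valid tokens, so it must not be written into the source or committed to
// version control. Load it from the environment (for example a .env file kept
// out of the repository). JWT_SECRET is an example variable name.
const secretKey = process.env.JWT_SECRET;
if (!secretKey) {
  // Fail at startup rather than signing tokens with an undefined key.
  throw new Error("JWT_SECRET is not set");
}
// Data that will be stored inside the token. In this example we will store the
// name and the role of each user. The payload is signed, not encrypted: anyone
// holding the token can read it, so never put passwords or other secrets here.
const payload = {
  name: "Roger",
  role: "Admin",
};
// Generate the token. State the algorithm explicitly and give the token a
// limited lifetime, so a leaked token stops being accepted after it expires.
const accessToken = jwt.sign(payload, secretKey, {
  algorithm: "HS256",
  expiresIn: "15m",
});
// The token is ready to send to the client. REST API example (json() also sets
// the Content-Type header to application/json):
res.status(200).json({ accessToken });
// The client sends the token back in the Authorization header as: "Bearer " + token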
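// How to verify a user's token and get its payload. REST API example:
// The client sends the token back inside the request's Authorization header.
const authHeader = req.headers["authorization"];
const bearerToken = authHeader && authHeader.split(" ")[1];
if (!bearerToken) {
  // No token supplied. The else branch keeps verification from running and
  // attempting a second response after this one.
  res.status(401).send(); // Unauthorized
} else {
  try {
    // jwt.verify() checks the signature (and the expiry, when the token has
    // one); jwt.decode() only parses and must not be used for authentication.
    // Without a callback, verify() returns the payload or throws.
    // Accept only HS256, which is what jwt.sign() uses by default with a
    // shared secret, so a token declaring another algorithm is rejected.
    const decoded = jwt.verify(bearerToken, secretKey, {
      algorithms: ["HS256"],
    });
    // Do what you want to do with the data in `decoded` (e.g. decoded.role)
  } catch (err) {
    // Signature invalid, token expired or token malformed.
    res.status(403).send(); // Forbidden
  }
}
// Remember that this is for learning purposes only. You should create FUNCTIONS
// AND MIDDLEWARES so you do not repeat code.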