Node.js and JWT

As we saw in the previous blog about how to secure and store hashed password in Database, today we will see how to secure the ID and send token to do client side using Jsonwebtoken

What is JSON Web Token?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

Let’s setup our JSON web token so that our users can actually sign in and access protected routes. At the top of server.js, import jsonwebtoken:

Now, let’s use jsonwebtoken to sign our token. Start by opening keys.js and adding a key value pair to our key object:

now let’s import our secret key in server.js:

in last code we setup our register route like in the photo below

we’re going to add this chunk of code

after you added our register route will be like this

now is time to test our code and see if everything is good to go… we will try with postman as usual …

if you you followed all the instructions above you will get response back like this…