Node JS: Authentication and Authorization with JWT in Express.js
Hello everyone, Today we will learn how to use the JWT token to handle authentication and authorization in Express. You can download the source code from our GitHub repository, Download link is provided at the end of this post.
What is JSON Web Token?
JSON Web Tokens (JWT) have been introduced as a self-contained way for securely transmitting information between parties as a JSON object.JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
When should you use JSON Web Tokens?
- Authorization: Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.
- Information Exchange: JSON Web Tokens are a good way of securely transmitting information between parties. Because JWTs can be signed—for example, using public/private key pairs.
- Add user (No authentication/authorization required)
- Get all users (Authentication/authorization required)