Authentication

Installation

# Check Node.js version (>= 20.12.0)
node -v

# Install dependencies
npm install

# Setup SQLite database
npm run db:reset

# Run in dev mode
npm run dev

# Test it from a browser
curl http://localhost:3000

Explanation

Demonstration of authentification with a signed JWT token.

JWT (= access token) is generated and signed server side, and stored in client browser as a secure http-only cookie.
The access token cookie is automatically send by client browser on each request to the server, authenticating the request.
A refresh token route is available for the client to renew its access token in case it expires while the user is still logged in.
A protection against CSRF attack is added : clients need to send both the access token (in a cookie or Authorization header) and a CSRF token (in custom header) to validate the request is trustfully performed by the client application.

A Vanilla-JS client is provided for demonstration purposes. Any suggestion is welcome!

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
client		client
controllers		controllers
lib		lib
models		models
.gitignore		.gitignore
README.md		README.md
config.js		config.js
eslint.config.js		eslint.config.js
index.js		index.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Authentication

Installation

Explanation

About

Uh oh!

Releases

Packages

Uh oh!

Contributors 2

Uh oh!

Languages

enzoclock/jwt-authentication-express

Folders and files

Latest commit

History

Repository files navigation

Authentication

Installation

Explanation

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors 2

Uh oh!

Languages

Packages