Scribd
Upload
36 views2 pages

JWT Token

The document discusses how to implement JSON Web Tokens (JWT) for user authentication in a MongoDB database with a Node/Express backend and React frontend. It explains storing a JWT in the user document, cookie, and using it to auto-login users by verifying the token on subsequent requests without requiring re-authentication each time. The key steps covered are generating and signing a JWT with a secret key, verifying it, and expiring the token after a set time for security.

Uploaded by

NAMAN KOTHARI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
36 views2 pages

JWT Token

The document discusses how to implement JSON Web Tokens (JWT) for user authentication in a MongoDB database with a Node/Express backend and React frontend. It explains storing a JWT in the user document, cookie, and using it to auto-login users by verifying the token on subsequent requests without requiring re-authentication each time. The key steps covered are generating and signing a JWT with a secret key, verifying it, and expiring the token after a set time for security.

Uploaded by

NAMAN KOTHARI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

The entire procedure done in  Stylab work  cards-frontend-mongodb & cards-backend-mongodb

The procedure includes:-

Creating a jwt token inside of the user schema of the mongo db so as to add the signed token to that
users data in the database, make a cookie out of that jwt token and then send it to the front end so
it gets stored as cookies on the users device and then doing two things usinf that cookie:-

1- send it to the backend when user tries to access something without logging in/ something like
that and show the user the login page instead of the requested one so as to make sure that he logs
in first and then only can he see the page

2- to grab the cookie in which the token of the user Is already saved after that user has already
logged in one time before and so that he/she doest need to log back in ervru time they do come visit
the site  this can be done by using a function like componentdidmount/ useEffect which call the
api before the app mounts things so that that api can grab the token of the user from the device,
extract the details of that user and auto log him in.

What is Jwt? – it is nothing but takes the unique tokens of users that have logged into some website
in the form of cookies and stores it so that the next time the user visits that website he/she doesn’t
have to log in again and his/her information of last time still remain there.

First install the npm by running :- npm i jsonwebtoken

Import jwt from “jwtwebtoken”;

Jwt.sign({_id: “43232”}, ”secretkey”)  the secret key Is used to verify that the user is authentic and not any other user.

👆Payload passing(it should be unique for every user.)

.then(token => {

experiesIn:”2 seconds” //it will automatically sign the user out after a certain amount of time so as
// to make the site secure such as bank websites do

Jwt.verify(token, “secretkey”)

.then(finalkey => { console.log(finalkey)})

})

createToken();

it is completely stateless which is why the server doesn’t know anything about it, anything before it
or anything after it.+

There are three things in any given token which are separated by dot and those three things are
1- algorithm and token type (HEADER – type usually jsonwebtoken)

2- payload data (payload = body’s data)

3- signature verfication

You might also like