Angular

How to organize registration, authorization and roles in a Node.js application?

Good afternoon. I reached user authorization in my application (Node.js + Angular2 + MongoDb) Before trying, I would like to clarify some things for myself:
1) I do registration as usual - username, password ..... - before saving to node .js I check for uniqueness and do

UserSchema.pre('save', function (next) {
  if (this.password && this.isModified('password')) {
    this.salt = crypto.randomBytes(16).toString('base64');
    this.password = this.hashPassword(this.password);
  }

  next();
});

Is it so? Is this crypto enough to save the password?
2) I heard about authorization and authentication, but never used jwt. I found the "library" angular2-jwt , but this is the client part, and, as I understand it, the server part is needed, which will send the token to the client. Any examples with the server and what should be included in this token?
3) In the case of jwt - how is the verification of private information organized? For example, pages with personal information, your settings, and other things?
4) In my application, it is necessary to make access to the pages of users that they can exchange. Those. there is, for example, some kind of post to which the owner of the post can give access to other registered users. Something like

var BlogPost = new Schema({
  title: {
    type: String  
  },
  content: {
    type: String
  },
  date: Date,
  UserAccess : {
    // User_id1, User_id2,User_id3
  }
});

How to organize check for access to BlogPost? To request the UserAccess field before submitting the page, and how to tie it to authentication (but should I?) Are there any examples of access checking?
Sorry for the many letters for the vagueness of the questions, but I will be glad for any information.