JSON Web Token
gallantalex, 2017-10-11 15:40:54

How to organize work with a token in NodeJS Express?

How to properly organize the work and verification of the token?
I have several routes in my api that need to be secured and only available to certain users.
I understand correctly that I must write the user's id into the token and save it in the user's database and give it to the front. And when I send a request from the front, I will put a token in the request header.
On the backend, I:
1. Accept the request
2. In the middleware, decrypt the token
3. I get the user id there
4. I find this user
5. If everything is ok - next(); and then I give some data
6. If there is no token or user, then I send an error message
Is this how the system of work with tokens is built? Are there any other steps needed or vice versa - some are superfluous here? I found a lot of information on how to register and log in correctly, but there is little information about working with closed routes and checking tokens.
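
The middleware steps listed in the question, sketched as an added example (not part of the original post and not any library's API): a JWT is signed rather than encrypted, so step 2 here is an HS256 signature and expiry check done with Node's built-in `crypto`. `SECRET`, `USERS`, `signToken`, `verifyToken` and `requireAuth` are hypothetical names, and the in-memory map is a constructed stand-in for the user database.

```javascript
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: loaded from config in real use
const USERS = new Map([['42', { id: '42', name: 'demo' }]]); // constructed stand-in for the user DB

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Issued at login: the payload carries the user id (sub) and an expiry (exp).
function signToken(userId, ttlSeconds, secret = SECRET) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ sub: userId, exp }));
  return `${header}.${payload}.${b64url(hmac(`${header}.${payload}`, secret))}`;
}

// Returns the claims if signature and expiry are valid, otherwise null.
function verifyToken(token, secret = SECRET) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  try {
    // Pin the algorithm; never let the token header choose it.
    if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') return null;
    const expected = hmac(`${header}.${payload}`, secret);
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(payload, 'base64url'));
    if (typeof claims.exp !== 'number' || claims.exp <= Date.now() / 1000) return null;
    return claims;
  } catch {
    return null; // malformed base64 or JSON
  }
}

// Middleware with the (req, res, next) signature Express expects.
function requireAuth(req, res, next) {
  const match = /^Bearer (.+)$/.exec(req.headers.authorization || '');
  const claims = match && verifyToken(match[1]);
  const user = claims && USERS.get(claims.sub);
  if (!user) return res.status(401).json({ error: 'invalid or missing token' });
  req.user = user; // available to the route handler
  next();
}
```

In an Express app this would be mounted per route, for example `app.get('/private', requireAuth, handler)`.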
