I am currently learning React + Slim PHP to create a full stack app.
I wanted to learn more about authentication/authorization. From what I read, JSON Web Token (JWT) is the way to go. Further reading led me to an article for creating authentication/authorization -- it looks simple enough. But the only thing I don't like is that I have to use the UserFront library for this.
What I would like to achieve is authentication/authorization that resides within my server. Like, I would use my React app locally and would prefer not to use the Internet for my app to work.
Top comments (2)
You can use the jwt library itself, jwt was made by auth0: npmjs.com/package/jsonwebtoken
In your BE, create a token by using the sign method, send it to the FE, and put it in the request headers on each request to the BE. Then, in the BE, use the verify method to verify the token is valid.
Oh, and don't put secrets like the user password in the token. The contents of the token are visible in the FE.