Table of contents
Introduction
The Concept of Authentication and Authorization
Authentication
Authorization
Setting up the devel...
For further actions, you may consider blocking this person and/or reporting abuse
Good article, thank you. But I found some bug in login logic. Need add await for this code, because isPasswordValid - always return Promise (true). Thanks again)
Correct! Thanks for pointing out Maksym.
My hands are presently full. Will edit the article once I have a free time
I found that too. The guide is very useful and valuable. Please correct the mistake for the new learners. Thanks.
If the command
crypto.randomBytes(20).toString(‘hex’)does not generate a secret access token for you, then try the following one, i.e.Hi guys, I fixed the bug. Thank you all.
@trener_107 @mrmalik16
That a really good post, good for beginners and for a refresher on how to put things together building an auth system in express.
This is useful and amazing. Thanks a lot.
Thank you for the amazing content it really helped me
absolutely beautiful article 🙏 really helped with learning how JWTs work, thanks :D
Thank you very very much Josh, for taking your time and writing this post.
Is there anyone have problem to check the authentication when user login and then try to authenticate the user it give the error session has expired and i just login.
what would be the possible reason ?
@muhammad_umerqazi can you check your request header to be sure you're sending a valid token. Also check your generate token logic
Yes, there was the issue import the token, Now its working. Thanks for highlighting the point
Hello, thanks for this post. It was a very interesting day doing this! I have some stuff to point out.
On authorization logic, in the verify function the import from the token is not correct, we must import only the SECRET_ACCESS_TOKEN and not config. SECRET_ACCESS_TOKEN.
On the creation of VerifyRole, in VerifyRole function the async is missing.
Thank you.
hello why are
const app = express() , const server = express() ?
@golbangi1000 I corrected the two server instances
It doesn't matter how you name a variable, the app and the server variable will always be the same and behave the same way.
nice article...
I am glad this helped you. If you have any question regarding this, you may drop in the comment
values imported from dotenv file are read "undefined". What should I do?
Sorted out!! .env file was inside v1 folder.
JWT are supposed to be stateless right?