Both the backend and the frontend should be considered separate projects, each with its own dependencies. If you are about to contribute to this project, or just want to play around with the code, I suggest cloning each master branch into a different folder.
An Express app uses an HTTP server to handle the signing and verification of access and refresh tokens. The refresh token of each device where a user logged in is stored in MongoDB. The tokens are rotated accordingly to minimize the damage of a possible token leak/hack.
This image explains dead simple how the JWT strategy works.
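The per-device rotation described above, as an added sketch that is not this project's code. It assumes HS256 built on `node:crypto` instead of a JWT library, a `Map` in place of the MongoDB collection, a hash of the refresh token stored rather than the token itself, and made-up lifetimes (15 minutes and 7 days). It also goes one step beyond the text by revoking a device's session when an already-rotated token is replayed.

```javascript
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed value; load from the environment in practice
const sessions = new Map(); // stand-in for MongoDB: "user:device" -> hash of the current refresh token
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest('base64url');
const hash = (t) => crypto.createHash('sha256').update(t).digest('hex');

// Sign a compact HS256 JWT.
function sign(payload) {
  const body = `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64(payload)}`;
  return `${body}.${mac(body)}`;
}

// Check the signature in constant time, then the expiry; returns the claims or null.
function verify(token, now = Math.floor(Date.now() / 1000)) {
  const [h, p, s] = String(token).split('.');
  if (!h || !p || !s) return null;
  const expected = Buffer.from(mac(`${h}.${p}`));
  const given = Buffer.from(s);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  return claims.exp > now ? claims : null;
}

// Issue a token pair and record the refresh token as the only valid one for this device.
function issue(userId, deviceId, now = Math.floor(Date.now() / 1000)) {
  const refresh = sign({ sub: userId, dev: deviceId, jti: crypto.randomUUID(), exp: now + 7 * 86400 });
  sessions.set(`${userId}:${deviceId}`, hash(refresh));
  return { access: sign({ sub: userId, exp: now + 15 * 60 }), refresh };
}

// Exchange a refresh token for a new pair; the old refresh token stops working.
function rotate(refresh, now = Math.floor(Date.now() / 1000)) {
  const claims = verify(refresh, now);
  if (!claims) return { ok: false, reason: 'invalid' };
  const key = `${claims.sub}:${claims.dev}`;
  const current = sessions.get(key);
  if (!current) return { ok: false, reason: 'no-session' };
  if (current !== hash(refresh)) { // validly signed but already rotated: treat as a leaked token
    sessions.delete(key);          // revoke this device only; the user's other devices keep working
    return { ok: false, reason: 'reuse' };
  }
  return { ok: true, ...issue(claims.sub, claims.dev, now) };
}
```

A replayed token ends the session for that device, so both the legitimate client and whoever holds the leaked copy have to log in again.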
To handle authorization for each route, I'm using middlewares that check the Authorization header in each request, as well as the origin, to handle CORS accordingly.
If you have a suggestion that would make this better, please fork the repo and create a Pull Request. You can also simply open an issue with the tag enhancement.
Don't forget to give the project a star ⭐!
- Fork the project
- Clone the repository
  `git clone -b master-backend https://github.com/AlejoTorres2001/jwt-auth-app.git`
- Create your Feature Branch
  `git checkout -b feature/AmazingFeature`
- Push to the Branch
  `git push origin feature/AmazingFeature`
- Open a Pull Request