Node.js JWT Authentication
In this tutorial, we’ll implement JSON Web Token (JWT) authentication in a Node.js application using Express and the `jsonwebtoken` package.
1. Setting Up the Project
First, create a new project and install necessary packages:
```bash
mkdir jwt-app
cd jwt-app
npm init -y
npm install express jsonwebtoken body-parser
```
This initializes your project and installs Express, jsonwebtoken, and body-parser.
2. Create JWT Token
In `app.js`, create the routes to handle authentication and generate JWT tokens:
```javascript
const express = require('express');
const bodyParser = require('body-parser');
const jwt = require('jsonwebtoken');

const app = express();
app.use(bodyParser.json());

// Secret key for signing the JWT. Placeholder value: load a long random
// secret from the environment or a secret store instead of hard-coding it.
const secretKey = 'your-secret-key';

// Mock user data
const user = { id: 1, username: 'user', password: 'password' };

// Authenticate and generate JWT
app.post('/login', (req, res) => {
  const { username, password } = req.body;
  if (username === user.username && password === user.password) {
    // Signed with HS256 (the jsonwebtoken default); expires after one hour
    const token = jwt.sign({ id: user.id, username: user.username }, secretKey, { expiresIn: '1h' });
    res.json({ token });
  } else {
    res.status(401).send('Invalid credentials');
  }
});

// Protected route (requires JWT)
app.get('/protected', (req, res) => {
  // Accept either the raw token or the conventional "Bearer <token>" form
  const header = req.headers['authorization'];
  if (!header) return res.status(403).send('Token is required');
  const token = header.startsWith('Bearer ') ? header.slice(7) : header;

  // Pin the accepted algorithm instead of trusting the token's own header
  jwt.verify(token, secretKey, { algorithms: ['HS256'] }, (err, decoded) => {
    if (err) return res.status(403).send('Invalid token');
    res.json({ message: 'Protected content', user: decoded });
  });
});

app.listen(3000, () => {
  console.log('Server running on http://localhost:3000');
});
```
This code provides a login route that generates a JWT when correct credentials are provided and a protected route that requires the JWT for access.
3. Testing the Application
You can test the application using Postman:
- Send a POST request to `/login` with the correct username and password to receive a JWT token.
- Send a GET request to `/protected` with the JWT token in the `Authorization` header.
4. Conclusion
By following this tutorial, you’ve implemented JWT authentication in your Node.js application, allowing users to securely access protected resources.