Angular security -- Authentication with JSON Web Tokens (JWT), complete guide

Angular University brings you this step-by-step guide to both designing and implementing JWT-based Authentication in an Angular application. The goal here is to discuss JWT-based Authentication Design and Implementation in general.

In a nutshell, JWTs are digitally signed JSON payloads, encoded in a URL-friendly string format. A JWT can contain any payload in general, but the most common use case is to use the payload to define a user session.

The guide follows the complete journey of a JWT from its creation on the Authentication server, back to the client, and then back to the Application server, and discusses all the design options and decisions involved.

Selected points touched by the article:

  • JWT-based Authentication in a Nutshell
  • User Login in an Angular Application
  • Creating a JWT Session Token using node-jsonwebtoken
  • Sending a JWT back to the client
  • Where to store a JWT Session Token?
  • Checking User Expiration
  • Building a custom Express middleware for JWT validation

… and much more. Perfect!

Tags nodejs javascript angular infosec apis