You will get URL like this http://localhost:7878 server running on port number 7878
Methods
1. Signup
Signup :- http://localhost:7878/auth/signup
Email and password saved in the mongodb, password stored in hashed formate.
{
"email": "demo@gmail.com",
"password": "demo"
}
http://localhost:7878/auth/signup
2. Login
Login :- http://localhost:7878/auth/login
After giving right credential system provided two different token
Access Token: which has expired time round 3 min
Refresh Token: which has expired time round 5 min, by this token we can refresh or create new access token for our app.
{
"email": "demo@gmail.com",
"password": "demo"
}
http://localhost:7878/auth/login
Refresh
Login :- http://localhost:7878/auth/refresh
With the help of this url system will verify token expired date and after verify system generate new token.
Access Token: which has expired time round 3 min
Refresh Token: which has expired time round 5 min, by this token we can refresh or create new access token for our app.
//accept this in headers authorization_refreshconstrefreshToken=req.headers["authorization_refresh"];
http://localhost:7878/auth/refresh
Logout
Login :- http://localhost:7878/auth/logout
With the help of this url system will logout and access_token and refresh_token stored under backlist data base
Access Token: which has expired time round 3 min
Refresh Token: which has expired time round 5 min, by this token we can refresh or create new access token for our app.
//accept this in headers authorization_refresh &authorization_accessconstaccess_token=req.headers["authorization_access"];constrefresh_token=req.headers["authorization_refresh"];// console.log('token:', token)consttokenPushAccess=newblacklistModel({blackListItem: access_token,});awaittokenPushAccess.save();consttokenPushRefresh=newblacklistModel({blackListItem: refresh_token,});awaittokenPushRefresh.save();
http://localhost:7878/auth/logout
Verify
Login :- http://localhost:7878/auth/verify
By this url user can get details from token
//accept body as tokenconst{ token }=req.body;// then with the help of jwt.verify getting all details under jwt tokenconstverification=jwt.verify(token,"XXXXXXXX_XX");
http://localhost:7878/auth/verify
page
By this url when user move from one page to other and during that period if user access_token get expired on that time this url help to notified user
It has middleware (i.e. middleWareAuth) where they verify token expiry and notified to users and base on that this url will run http://localhost:7878/auth/refresh and get new token and set new token in headers