Sample Project for JWT authentication in a Single Page App
This project was inspired by known issues for storing JWT tokens in an SPA, and serves as an attempt at a MEVN stack implementation of a two-cookie SPA authentication method.
- Reduce the surface area of attack for user authentication
- Compatibility with OAuth 2.0 and good ol' username + password
- Username and password can be supplemented with optional 2FA
- Users can get a different post-login user experience depending on their account type and user permissions
- Sessions can be terminated in client or server
- Sessions can be expired after a given amount of time
yarn installTo start the dev client and server, run:
yarn startThen navigate to localhost:8080.
- By signing JWT tokens with a uuid-generated string generated for each user, this method remains stateful to avoid user forging.
For information on how to contribute to this project, please refer to the contributing guidelines
👤 JT Houk jt1992@gmail.com (https://jt.houk.space/)
- Twitter: @Houkasaurus_Rex
- Github: @Pterobyte
Give a ⭐️ if this project helped you!
