/jwt-best-practices-server

Best Practices JWT Express Sever w/ Register and Login

Primary LanguageJavaScriptMIT LicenseMIT

Express JWT Auth Best Practices Project

This Repo has three branches for the different parts of the project (good vs bad practices) As explained on Youtube Video Tutorial: https://youtu.be/FVmxtmzyrSw

Branches for Bad & Good Practices

  • master has the best approach with all implementation, same as: redis-blacklist branch
  • bad-auth (Bad JWT Practices - No Session - Storing on Localstorage)
  • good-auth (Good JWT Practices - No Session - Storing on HTTP-ONLY cookies)
  • redis-blacklist (Server Session implementation using Redis with Blacklist technique)

Includes API Server utilities:

  • morgan
    • HTTP request logger middleware for node.js
  • helmet
    • Helmet helps you secure your Express apps by setting various HTTP headers. It's not a silver bullet, but it can help!
  • dotenv
    • Dotenv is a zero-dependency module that loads environment variables from a .env file into process.env

Development utilities:

  • nodemon
    • nodemon is a tool that helps develop node.js based applications by automatically restarting the node application when file changes in the directory are detected.
  • eslint
    • ESLint is a tool for identifying and reporting on patterns found in ECMAScript/JavaScript code.
  • mocha
    • ☕️ Simple, flexible, fun JavaScript test framework for Node.js & The Browser ☕️
  • supertest
    • HTTP assertions made easy via superagent.

Setup

npm install

Lint

npm run lint

Test

npm run test

Development

npm run dev