Open In App
Related Articles

JWT Authentication with Node.js

Improve
Improve
Improve
Like Article
Like
Save Article
Save
Report issue
Report

JSON Web Token is an open standard for securely transferring data within parties using a JSON object. JWT is used for stateless authentication mechanisms for users and providers, this means maintaining sessions on the client side instead of storing sessions on the server. Here, we will implement the JWT authentication system in NodeJs.

Prerequisites:

Steps to Installation of the Express Module:

Step 1: Run the following commands to initialize the project and create an index file & env file. (Make sure you have node and npm installed)

npm init -y

Step 2: Installing required packages

npm install express dotenv jsonwebtoken

Step 3: Create our ServerImporting all the dependencies and creating a server using express.js

Step 4: Create Configuration File (.env) This files contains those variables that we need to pass to our application’s environment.

PORT = 5000
JWT_SECRET_KEY = gfg_jwt_secret_key
TOKEN_HEADER_KEY = gfg_token_header_key

Step 5: Create Route for Generating JWTCreating a ‘post’ request that sends the JWT token in the response.

Step 6: Create Route for Validating JWT Creating a ‘get’ request that contains the JWT token in the header and sends verification status as a response.

Project Structure:

Project Structure

The updated dependencies in package.json file will look like:

"dependencies": {
    "dotenv": "^16.3.1",
    "express": "^4.18.2",
    "jsonwebtoken": "^9.0.2",
}

Example: Below is the code example of the JWT Authentication with Node JS

Javascript

const express = require('express');
const dotenv = require('dotenv');
const jwt = require('jsonwebtoken');
 
const app = express();
 
// Set up Global configuration access
dotenv.config();
 
let PORT = process.env.PORT || 5000;
app.listen(PORT, () => {
    console.log(`Server is up and running on ${PORT} ...`);
});
 
// Main Code Here  //
// Generating JWT
app.post("/user/generateToken", (req, res) => {
    // Validate User Here
    // Then generate JWT Token
 
    let jwtSecretKey = process.env.JWT_SECRET_KEY;
    let data = {
        time: Date(),
        userId: 12,
    }
 
    const token = jwt.sign(data, jwtSecretKey);
 
    res.send(token);
});
 
// Verification of JWT
app.get("/user/validateToken", (req, res) => {
    // Tokens are generally passed in header of request
    // Due to security reasons.
 
    let tokenHeaderKey = process.env.TOKEN_HEADER_KEY;
    let jwtSecretKey = process.env.JWT_SECRET_KEY;
 
    try {
        const token = req.header(tokenHeaderKey);
 
        const verified = jwt.verify(token, jwtSecretKey);
        if (verified) {
            return res.send("Successfully Verified");
        } else {
            // Access Denied
            return res.status(401).send(error);
        }
    } catch (error) {
        // Access Denied
        return res.status(401).send(error);
    }
});

                    

Steps to Run the Server:

node index.js

Output: Send Requests and Get Output

  • POST Request:
  • POST Response:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0aW1lIjoiTW9uIEphbiAxOCAyMDIxIDE2OjM2OjU3IEdNVCswNTMwIChJbmRpYSBTdGFuZGFyZCBU aW1lKSIsInVzZXJJZCI6MTIsImlhdCI6MTYxMDk2ODAxN30.QmWFjXhP6YtbzDAHlcE7mDMyXIdnTv1c9xOBCakNZ94

  • GET Request:
  • GET Request Header:
  • GET Response:
Successfully Verified

Whether you're preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape, GeeksforGeeks Courses are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we've already empowered, and we're here to do the same for you. Don't miss out - check it out now!


Last Updated : 05 Jan, 2024
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads
Complete Tutorials