JSON web tokens (JWT) are a convenient way to authenticate users on your platform. The simplest version of handling JWT authentication looks like this: creating a token by signing it with a secret key that is only known to your application. Once created, you send off the compact form of …

Handling errors plays a major role in your application. In error situations, you want to know the details of the issue and how to solve it. When developing your app, you can create your own errors. Errors in Node.js are extensible classes. This tutorial walks you through the creation …

When using JSON web tokens in your application, you’ll find JWT related implementations in different places. For example, creating a new JWT is part of a login route handler. Authenticating an incoming JWT takes place in an authentication strategy. Refreshing a JWT, JWT logout, or token blacklisting are use …

The development lifecycle of NPM packages is fast. You’ll regularly notice releases that contain new features or bug fixes. Over time, your project’s dependencies go out of date and you need to invest time into updating the third-party packages. Show Outdated NPM Packages The NPM CLI shows outdated …

Security must be a major concern in every application. You should assign rigid security rules for your authentication-related API endpoints. The mini-series “building a rate limiter” here on Future Studio goes through the implementation of a rate limiter. If you didn’t code along in the series, you can grab …

Running an Ubuntu or Debian operating system on your servers comes with a long lifetime. You won’t switch servers and migrate your applications that often. You’ll maintain your system now and then and update installed packages to keep your system secure. Recently, while maintaining the software on our …

You implemented refresh token handling for multiple devices in the previous tutorial. The core of that implementation lives in the route handler which assigns the route handler for the refresh token three tasks: find an active refresh token for the incoming input invalidate the incoming refresh token create a new …

This tutorial extends the previous tutorial on refresh tokens with JWT Authentication for logins on multiple devices. The implementation from the previous tutorial works well for a single login because you allow a single refresh token. As soon as your users log in from different devices, the last login has …