JSON Web Token (JWT) authentication comes with a trade-off: the created token lives on client side. You don’t need to store a token in your server-side database to make JWT authentication work in your application. This is —simultaneously— the largest benefit of JWT: your server can trust a verified …
Continue Reading
Node.js benefits from new language features in JavaScript. The introduction of classes in JavaScript is a great step towards better extensibility. You provide functionality in a base class, let other classes extend this base class, and use the given methods. But how to extend multiple classes in Node.js? …
Continue ReadingJSON web tokens (JWT) are a convenient way to authenticate users on your platform. The simplest version of handling JWT authentication looks like this: creating a token by signing it with a secret key that is only known to your application. Once created, you send off the compact form of …
Continue Reading
Handling errors plays a major role in your application. In error situations, you want to know the details of the issue and how to solve it. When developing your app, you can create your own errors. Errors in Node.js are extensible classes. This tutorial walks you through the creation …
Continue Reading
When using JSON web tokens in your application, you’ll find JWT related implementations in different places. For example, creating a new JWT is part of a login route handler. Authenticating an incoming JWT takes place in an authentication strategy. Refreshing a JWT, JWT logout, or token blacklisting are use …
Continue Reading
The development lifecycle of NPM packages is fast. You’ll regularly notice releases that contain new features or bug fixes. Over time, your project’s dependencies go out of date and you need to invest time into updating the third-party packages. Show Outdated NPM Packages The NPM CLI shows outdated …
Continue Reading
Security must be a major concern in every application. You should assign rigid security rules for your authentication-related API endpoints. The mini-series “building a rate limiter” here on Future Studio goes through the implementation of a rate limiter. If you didn’t code along in the series, you can grab …
Continue Reading
You implemented refresh token handling for multiple devices in the previous tutorial. The core of that implementation lives in the route handler which assigns the route handler for the refresh token three tasks: find an active refresh token for the incoming input invalidate the incoming refresh token create a new …
Continue ReadingFind interesting tutorials and solutions for your problems.