Message from JavaScript discussions

January 2018

— Well if I can rely on a production ready plugin, why not?

— 

// require auth for all pages:
app.use((req, res, next) =>
db.authed(req.token).then(isAuthed =>
isAuthed
? next()
: res.json(authNeededError)));

// Single path:
app.get('/user/:id', (req, res) =>
db.user(req.params.id).then(user =>
user
? res.json(user)
: res.json(missingUserError)));

— Just remember DRY principles, and you'll write very little

— Well there are standards for that token.. Having something that layers this thing for you may be useful. My objective is build a complete frontend app (vuejs) that relies only on stateless API endpoints (even the login). Is that login into token the right way?

Message permanent page

— Yes, you can use jwt for stateless login

— But you'll need to store users themselves

— So that'll obviously be stateful

— Well

— Standards to replace 6 lines?

— Express-jwt/README.md at master · auth0/express-jwt
https://github.com/auth0/express-jwt/blob/master/README.md

Message permanent page

— Well this have things like token revoke

— Wat