Message from JavaScript discussions
January 2018
— Well if I can rely on a production ready plugin, why not?
// require auth for all pages:
app.use((req, res, next) =>
db.authed(req.token).then(isAuthed =>
isAuthed
? next()
: res.json(authNeededError)));
// Single path:
app.get('/user/:id', (req, res) =>
db.user(req.params.id).then(user =>
user
? res.json(user)
: res.json(missingUserError)));
— Just remember DRY principles, and you'll write very little
— Well there are standards for that token.. Having something that layers this thing for you may be useful. My objective is build a complete frontend app (vuejs) that relies only on stateless API endpoints (even the login). Is that login into token the right way?
— Yes, you can use jwt for stateless login
— But you'll need to store users themselves
— So that'll obviously be stateful
— Well
— Standards to replace 6 lines?
— Express-jwt/README.md at master · auth0/express-jwt
https://github.com/auth0/express-jwt/blob/master/README.md
— Well this have things like token revoke
— Wat