Message from JavaScript discussions

January 2018

— Well if I can rely on a production ready plugin, why not?


// require auth for all pages:
app.use((req, res, next) =>
db.authed(req.token).then(isAuthed =>
? next()
: res.json(authNeededError)));

// Single path:
app.get('/user/:id', (req, res) =>
db.user( =>
? res.json(user)
: res.json(missingUserError)));

— Just remember DRY principles, and you'll write very little

— Well there are standards for that token.. Having something that layers this thing for you may be useful. My objective is build a complete frontend app (vuejs) that relies only on stateless API endpoints (even the login). Is that login into token the right way?

Message permanent page

— Yes, you can use jwt for stateless login

— But you'll need to store users themselves

— So that'll obviously be stateful

— Well

— Standards to replace 6 lines?

— Express-jwt/ at master · auth0/express-jwt

Message permanent page

— Well this have things like token revoke

— Wat