Message from JavaScript discussions

January 2018

— Just remember DRY principles, and you'll write very little

—

Well there are standards for that token.. Having something that layers this thing for you may be useful. My objective is build a complete frontend app (vuejs) that relies only on stateless API endpoints (even the login). Is that login into token the right way?

— Yes, you can use jwt for stateless login

— But you'll need to store users themselves

— So that'll obviously be stateful

— Well

— Standards to replace 6 lines?

— Express-jwt/README.md at master · auth0/express-jwt
https://github.com/auth0/express-jwt/blob/master/README.md

Message permanent page

— Well this have things like token revoke

— Wat

— You can't revoke jwt's

— Yeah, it just checks for expired tokens it seems