Token Based Authentication in Node.js using JWT (JSON Web Tokens) + MySQL Example

Node js Token Based JWT Authentication using Express with MySQL Example

#nodejsjwtauthentication #nodejsexpressjwt #nodejssecurity
#nodejsexpresssecurity #jwtexpresssecurity

“How to implement Node.js JWT authentication?” is one of the most common questions in the development world. In this tutorial, I introduce step by step how to do it, with a 100% running code example built on Express RestAPIs, JSON Web Token, BCryptjs, Sequelize and a MySQL/PostgreSQL database.

0. JSON Web Token

JSON Web Token (JWT) defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

Scenarios where JSON Web Tokens are useful:

- Authorization: the most common scenario for using JWT. Single Sign On is a feature that widely uses JWT.
- Information Exchange: because JWTs can be signed, JSON Web Tokens are a good way of securely transmitting information between parties.

JSON Web Tokens consist of 3 parts:

- Header
- Payload
- Signature

A JWT looks like Header-Base64-String.Payload-Base64-String.Signature-Base64-String

I. Workflow
We define 5 workflows as below:

1. SignUp Scenarios

- Verify UserName & Email
- If UserName & Email are NOT duplicates, verify that the Roles exist.
- If the Roles are available, save User Info to the database with the Sequelize ORM
- Otherwise, an error code will be returned

2. SignIn Scenarios

- Find User record in database by username
- If the User exists, check whether the password is valid or NOT
- If the password is valid, create a JWT, then return the JWT token back to the client
- Otherwise, an error code will be returned

3. Access User Content

- Verify JWT Token
- If token is valid, controller will load & return User Info back to client
- Otherwise, an error code will be returned

4. Access PM Content

- Verify JWT Token
- If token is valid, verify PM role.
- If User has Admin or PM role, controller will load & return Management Content to client.
- Otherwise, an error code will be returned

5. Access Admin Content

- Verify JWT Token
- If token is valid, verify ADMIN role.
- If User has Admin role, controller will load & return Admin Content to client.
- Otherwise, an error code will be returned
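
The checks in workflows 2 to 5, written out as an added example (not the tutorial's own source code): it signs and verifies HS256 tokens with Node's built-in crypto module instead of a JWT library. The secret, the `roles` claim with the values USER, PM and ADMIN, and the function names signToken, verifyToken and authorize are assumptions made for illustration.

```javascript
// Added example: names, secret and claim layout are assumptions, not the tutorial's code.
const crypto = require('crypto');

const SECRET = 'constructed-demo-secret'; // assumption: real code loads this from configuration
const b64u = (v) => Buffer.from(v).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Workflow 2 (SignIn): build Header.Payload.Signature once the password check has passed.
function signToken(claims, ttlSeconds = 3600) {
  const now = Math.floor(Date.now() / 1000);
  const head = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64u(JSON.stringify({ ...claims, iat: now, exp: now + ttlSeconds }));
  return `${head}.${body}.${b64u(mac(`${head}.${body}`))}`;
}

// "Verify JWT Token": returns the claims, or null for any malformed, forged or expired token.
function verifyToken(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm on the server; the token header must not be allowed to choose it.
    if (JSON.parse(Buffer.from(head, 'base64url').toString()).alg !== 'HS256') return null;
    const given = Buffer.from(sig);
    const expected = Buffer.from(b64u(mac(`${head}.${body}`)));
    // Constant-time comparison of the signature strings (lengths must match first).
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
    return typeof claims.exp === 'number' && claims.exp > Date.now() / 1000 ? claims : null;
  } catch {
    return null;
  }
}

// Workflows 3-5: roles that may read each resource; an empty list means any valid token.
const REQUIRED = { user: [], pm: ['PM', 'ADMIN'], admin: ['ADMIN'] };

// Status a route guard would send: 401 invalid token, 403 missing role, 200 allowed.
function authorize(token, resource) {
  const claims = verifyToken(token);
  if (!claims) return 401;
  if (!Object.hasOwn(REQUIRED, resource)) return 403; // unknown resource: deny by default
  const need = REQUIRED[resource];
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  return need.length === 0 || roles.some((r) => need.includes(r)) ? 200 : 403;
}
```

In an Express route guard the returned status maps directly onto the response code; the payload is only Base64-encoded, not encrypted, so it should carry nothing secret.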

II. Video Guide Structure

0:00 - Review Overall Debug Processing: Nodejs Token Based JWT Authentication
0:35 - Start Review Article: Node js Token Based JWT Authentication using Express with MySQL Example
0:44 - SignUp Scenarios
0:52 - SignIn Scenarios
1:01 - Access User Content Scenarios
1:08 - Access PM Content Scenarios
1:15 - Access Admin Content Scenarios

1:24 - Download Sourcecode
1:33 - Install nodejs dependencies
1:38 - Import Nodejs project to Visual Studio Code
1:41 - Review Nodejs Project Structure
2:52 - Start Debug Nodejs project

--DEBUG--

3:01 - Start Debug SignUp Jack with USER_ROLE
4:09 - Start Debug SignUp Adam with PM_ROLE and USER_ROLE
5:23 - Start SignUp Thomas with ADMIN_ROLE

5:57 - Start Debug SignIn Jack with USER_ROLE to get JWT Authentication
6:46 - Jack access resources at /api/test/user successfully
7:48 - Jack tries to access resources at /api/test/pm - fails because he does NOT have permission
8:44 - Jack tries to access the resource at /api/test/admin - fails because he does NOT have permission
9:29 - Debug - SignIn with user Adam (having PM and User roles) to get JWT authentication
10:06 - Adam tries to access the resource at /api/test/pm - successfully
11:04 - Adam tries to access the resource at /api/test/user - successfully
11:31 - Adam tries to access the resource at /api/test/admin - FAIL - does not have permission
12:11 - Try to log in as user Thomas with ADMIN_ROLE
12:45 - Thomas tries to access the resource at /api/test/admin - successfully
13:45 - Thomas tries to access PM resources - successfully
14:05 - Try to access resources with a WRONG JWT - FAIL

III. Related post:

1. Angular 10 Spring Boot JWT Authentication Example – Angular 6, 8, 9, 10 + Spring Security + MySQL/PostgreSQL

2. Django RestAPIs Tutorial – Build Post/Get/Put/Delete request Examples to MySQL/PostgreSQL databases

3. Angular & Nodejs JWT Authentication fullstack Example | Angular 6, 7, 8, 9 – Express RestAPIs + JWT + BCryptjs + Sequelize + MySQL/PostgreSQL
