This post is going to be about creating an authentication with JSON Web Tokens for your project, presumably an API that’s going to be used by Angular, Vue.js or similar frontend frameworks. We’re going to send the jwt with every request, meaning that we don’t rely on sessions, but simply put the token on every request we make to the API. This way you don’t have to worry about cookies, but you can save it in
localStorage or other places on the frontend.
In essence this tutorial will go through:
- creating a
/login route to acquire a token
- creating a
/secret route, that only is available to logged in users with a JSON web token
If you’re curious about the final result and don’t want the step by step guide, check out the final jwt express gist.
Continue reading “Express, Passport and JSON Web Token (jwt) Authentication for Beginners”
Express.js is one of the most popular node.js frameworks for serving websites or building APIs. This article is about how to enable Cross Origin Resource Sharing, also known as CORS. For that we need to set the correct headers in the response, which allow a browser to make use of the data from any domain.
Continue reading “How to: enable CORS in express.js (node.js)”
I’m a fan of improvisation, Duct-tape and hacking things into what you want them to do speedily and without a lot of testing. One of the areas, where I wouldn’t follow this approach is security.
Security is something many companies don’t take serious. Their servers get broken into, all their user’s data are stolen, leaked, etc. Not cool.
This is not because security is impossible, it’s because it’s just often ignored and can be expensive. Nothing is unbreakable, but in my opinion it’s worth to at least make an effort towards: hard to break. Continue reading “CigTrack Day #6: Security and bcrypt”
Poet is a great little node.js based project that allows you to start a blog in no time.
The description of the project by the author made me smile, so I’ll just quickly share this quote: Continue reading “Poet – a node.js blogging platform”
I have a couple of ideas node.js would be great for. One of them is spam analysis. So I started importing around 14.000 spam comments from one of my blogs locally and am now setting up a little system that analysis things like which words occur the most in the comment field.
Continue reading “Working with Spam Analysis”