This sample is published as part of the corresponding blog article at https://www.toptal.com/angular/angular-6-jwt-authentication.
Visit https://www.toptal.com/blog and subscribe to our newsletter to read great posts!
need to add the jwt package
npm install @auth0/angular-jwt
need to install body-parser, jsonwebtoken and express-jwt
npm install body-parser jsonwebtoken express-jwt
- body-parser is used to analyze, and could process different kind of response type, such as text, json, urlendcoded and could also handle different encoding
var token = jwt.sign({userID: user.id}, secretKey, {expiresIn: '2h'});
http://localhost:4000/api/auth/
username and password
http://localhost:4000/api/todos
header: Authorization: Bearer {token}
JwtModule.forRoot({
config: {
tokenGetter: tokenGetter,
whitelistedDomains: ['localhost:4000'],
blacklistedRoutes: ['localhost:4000/api/auth']
}
})
and using proxy in ng client to map /api/ to localhost:4000 server proxy.conf.json
https://www.digitalocean.com/community/tutorials/how-to-use-winston-to-log-node-js-applications
send one api token and one refresh token which has longer expiry time than api token
when api token expired and need to use refresh token to get a new api token and also the refresh token