Home

Awesome

NodeJS JWT Authentication sample

This is a NodeJS API that supports username and password authentication with JWTs and has APIs that return Chuck Norris phrases. How awesome is that?

Available APIs

User APIs

POST /users

You can do a POST to /users to create a new user.

The body must have:

It returns the following:

{
  "id_token": {jwt},
  "access_token": {jwt}
}

The id_token and access_token are signed with the secret located at the config.json file. The id_token will contain the username and the extra information sent, while the access_token will contain the audience, jti, issuer and scope.

POST /sessions/create

You can do a POST to /sessions/create to log a user in.

The body must have:

It returns the following:

{
  "id_token": {jwt},
  "access_token": {jwt}
}

The id_token and access_token are signed with the secret located at the config.json file. The id_token will contain the username and the extra information sent, while the access_token will contain the audience, jti, issuer and scope.

Quotes API

GET /api/random-quote

It returns a String with a Random quote from Chuck Norris. It doesn't require authentication.

GET /api/protected/random-quote

It returns a String with a Random quote from Chuck Norris. It requires authentication.

The JWT - access_token must be sent on the Authorization header as follows: Authorization: Bearer {jwt}

Running it

Just clone the repository, run npm install and then node server.js. That's it :).

If you want to run it on another port, just run PORT=3001 node server.js to run it on port 3001 for example

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Author

Auth0

License

This project is licensed under the MIT license. See the LICENSE file for more info.

What is Auth0?

Auth0 helps you to:

Create a free account in Auth0

  1. Go to Auth0 and click Sign Up.
  2. Use Google, GitHub or Microsoft Account to login.

Use Postman

Postman provides a powerful GUI platform to make your API development faster & easier, from building API requests through testing, documentation and sharing

Here is a small collection to highlight the features of this sample API.

Run NodeJS JWT Authentication in Postman