7 minutes: Create a Node API with JWT's (json web tokens)

No video

7 minutes: Create a Node API with JWT's (json web tokens)

Рет қаралды 99,325

Күн бұрын

Learn how to quickly build a Node.js API that uses json web tokens to protect routes. Check out the related blog post here:
www.bentedder.c...

Пікірлер: 81

@mauroinsacco2277 5 жыл бұрын

Jesus I wish there were more tutorials like this to just show a simple example in 5 minutes instead of 3 hours long full site tutorials to just see one thing, thanks a lot

@nnif9045 2 жыл бұрын

I totally agree

@divineMusic123 2 жыл бұрын

Really

@leowilliams6848 6 жыл бұрын

Clear, concise, and to the point. You are an excellent teacher. I don't know why in the world some of these guys make things so complicated, but your example gave me exactly what I needed. Hopefully, you're employed somewhere they appreciate you.

@zingaflux 9 ай бұрын

for $$$ : One way to make money is to make you believe that it's complicated, and another is to scare you (example: covid)...

@praadiiit 3 жыл бұрын

Best short tutorial from all node.js jwt auth tutorials 🔥🔥🔥🔥. I hope i found this video earlier. Thank you

@MrPyach 7 жыл бұрын

Thanks so much, dude, you saved my whole life! So clear and useful!

@sirstroopwafel Жыл бұрын

man thanks a lot for this, this really makes me understand a lot better than any other videos on youtube

@christospapidas3123 6 жыл бұрын

Great tutorial, please consider using JWT with async encoding (private and public key) in order to use for verification only the public key. This helps us when we want to work with microservices or third party services.

@penumono 3 жыл бұрын

This is an underrated tutorial. Thanks a dime !!

@buddhikasandaruwan4347 5 жыл бұрын

best json web token tutorial around...great!!

@alexandroskourtis5268 3 жыл бұрын

wow short & quick and AWESOME TUTORIAL!!!!

@bodamat 3 жыл бұрын

Thanks really a lot! I found what I need. Create a very simple protected API. Thanks again!

@aadarshkhair 2 жыл бұрын

underrated tutorial fr~

@akashkumaravel Жыл бұрын

Man!.. I love your keyboard sound.

@zniverse 6 жыл бұрын

The presentation is great. But I can't hear clearly.

@bryku 6 жыл бұрын

THANK, this was really helpful as sometimes i can't use sesisons. thanks for the quick video!

@alexandroskourtis5268 3 жыл бұрын

cant we just put the jwt.verify method in the middleware?

@Arabian_Abomination 2 жыл бұрын

Yes that is the better method

@julianjacobs8956 6 жыл бұрын

awesome video. thanks for the simple intro, authentication can seem overly complex at times

@m0hamedSharaf 7 жыл бұрын

Thanks a lot, would recommend that you make the sound clearer.

@riyajain5525 5 жыл бұрын

Great... Very helpful in short lecture

@ashishzade8838 4 жыл бұрын

Thanks genius

@rohithsj5066 6 ай бұрын

Loved this video bro. Thanks a lot for knowledge share

@VictorNolochemical 7 жыл бұрын

Thanks helpful video! I didnt know Express can handle multiple callbacks in routes? If I understand your code correctly, you pulled the header for the jwt with ensureToken, popped the data payload, and pushed that data, back into the req object in the `api/protected` for the next route callback?

@suryaa1063 5 жыл бұрын

Thank you so much Ben Tedder This is osm.

@yumingui5271 6 жыл бұрын

Hi, what if some malicious hacker get my token and he can access sensitive data that belongs to me? Basically, any client with the token can access the sensitive data, right? It's so confusing.

@kizomanizo 4 жыл бұрын

This was just an illustrative example. In real life, you would have a database that has users table with usernames/emails, password (encrypted using Bcrypt or whatever, even plain text albeit a terrible practice) and salts used to encrypt each password if they were used. You would first check if the username and password are valid, if they are, you then issue a token as shown in this example, if not you'd simply deny access to any route. If he was to make a lengthy tutorial he'd start with sending another post in Postman with body containing username and password as form-data input entries. That request would have returned with the token.

@jazilzaim 4 жыл бұрын

Nice job on this! This is amazing!!!!

@neilt1352 5 жыл бұрын

Excellent and to the point

@ThiagoTAV 6 жыл бұрын

Thank you, just what I needed :)

@tristanb_ 4 жыл бұрын

Thanks ! That's so clear !

@vivasviyan 4 жыл бұрын

Thanks for this great video. When i protect my api throws error as forbidden. I have followed every step

@aj-editssz 6 жыл бұрын

Where to store 'my_secret_key' in server side ? Is it in db then for every protected request I have to access db

@mikekennedy8644 6 жыл бұрын

Thanks for this very useful video.

@sivasundarpt 5 жыл бұрын

Thanks for your nice video . But it's working fine when using Postman . But when using URL it show the undefined error . Can you please give any suggestion me to resolve an issue?

@kizomanizo 4 жыл бұрын

That is because a normal browser cannot send HTTP Headers (A place where you'd want to place your token). This authentication is mainly for APIs that are consumed by external applications such as mobile apps or front end frameworks such as Angular, React or VueJS.

@akhedy4905 7 жыл бұрын

Thank you for great tutorial

@kennethedwards1922 6 жыл бұрын

Great tutorial. Anyone know how to fix the JsonWebTokenError: invalid signature error? Can't quite figure it out.

@islemdhrif6866 6 жыл бұрын

i have err : Unknown authenticate strategy 'jwt' i didn't undrestand it

@80968158650 6 жыл бұрын

Thks for this video. Does anyone know the name of the program from the video where we can test requests to the server?

@ehsanjehangir8223 6 жыл бұрын

Thanks man this video helped to some extent actually i am working on a project with sequelize db and i need to integrate JWT in the code thats where I'm stuck so if you could do a little bit more detailed video that would be awesome

@jlambert12013 4 ай бұрын

Can you turn your keyboard down

@PerfilsistemasBr 5 жыл бұрын

do you know export example separate modules

@sivasankarchimata1882 6 жыл бұрын

Hello sir i am looking for a tutorial on MYSQL with NODE.JS & ANGULAR. So can you please make a tutorial on CRUD operation in MYSQL with NODE.JS & ANGULAR.

@theaibug 4 жыл бұрын

U just saved my ass buddy.. thanks for sharing this.

@lusaiblatheef 3 жыл бұрын

Mahn you r helping great

@spfund533 4 жыл бұрын

I love it !

@rustamsadatov5897 3 жыл бұрын

thank you bro for this video

@tninelives 4 жыл бұрын

awesome! Thank you so much

@bwanamaina 3 жыл бұрын

this is helpful 🔥

@Ethan-rv1jr 4 жыл бұрын

Authorization Required! Status code is 401

@mmmhenrique Жыл бұрын

amazing!

@PG_Motivation 5 жыл бұрын

sir please create a video with otp validation for only 5 min after that they are expired

@dalemoncayo 5 жыл бұрын

Awesome bro

@TegarSantosaP 5 жыл бұрын

thanks dude!

@hariwarshan931 4 жыл бұрын

This is working fine but when I try to make request from react it is going into else part. That is req.headers is not even having the token but In postman if I make the request its fine . Can anybody tell me why?

@partiid 4 жыл бұрын

You basically rewrite a code that they provided in their docs D:

@primems4886 4 жыл бұрын

Straight to businesses

@divineMusic123 2 жыл бұрын

Wandrful

@daniellaerachannel 6 жыл бұрын

great

@reginuraruifin6645 6 жыл бұрын

R.I.P me, i never understand it

@christospapidas3123 6 жыл бұрын

hmm try to read more about authentication and authorization. Also I have create a project about that in java sprint but you have ready only the theoretically part at github dont get into details unless you know java and sprint framework very well. github.com/cpapidas/Spring-Boot-OAuth2-JWT-MySQL

@autohustles 6 жыл бұрын

The Web Development Bootcamp on Udemy is the best course to get through all this stuff. Got it on sale for £10 and they have those sales like all the time. You will be able to do it!

@engelshentenawy 6 жыл бұрын

it is nothing more than a string or a box locked with a key , and can only be open with that same key, it can optionally have something in it and it can also have an expiration date

@bernab 6 жыл бұрын

It is a way to protect routes , so, for example only the user that login in his/her account enter, and also can enter into protected webpages. Like ahmet Eid said it is nothing more than a string or a box locked with a key.

@MehmetALTINEL 6 жыл бұрын

kzfaq.info/get/bejne/ZtWIjK-r2tvHp3k.html