From the course: Angular: API Communication and Authentication
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Authenticating requests and validating JWTs - Angular Tutorial
From the course: Angular: API Communication and Authentication
Authenticating requests and validating JWTs
- [Narrator] Now that we have provided a way for users to log in and obtain a JSON web token, we need to lock down the current API routes and only give access to requests with a valid token. In order to do so, we need to tell express to use a special middleware that will check the validity of the JWT on every request. We want to lock down all requests to the API path. So go ahead and open API dash router dot Js. First, import the express JWT middleware. And we will store this function in the variable check JWT. Before running through the other middleware, we want to tell the router to use the check JWT middleware. And we do so by calling the function check JWT and specifying an object with the JWT secret. The JWT secret is an environment variable we had specified earlier. We want to run this check on all routes except the authenticate route since that will be used to generate a token. And we can do that by calling it the unless method and specifying an object with the path we want to…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.